Scanned pages/files
Request | Server response | Status |
http://watmedgulf.org/ | 200 OK Content-Length: 3638 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/v/qd8onpc1fli&autoplay=1 ?autoplay=1&cc_load_policy=1 <iframe allowfullscreen="" src="http://www.youtube.com/v/qd8onpc1fli&autoplay=1
?autoplay=1&cc_load_policy=1" frameborder="0" height="0" width="0"> Deface/Content modification. The following signature was found: Hacked By Mzabi Ghost & Mr.Black Ghost Dz <html><title>Hacked By Mzabi Ghost & Mr.Black Ghost Dz </title><head><meta name="ROBOTS" content="INDEX, NOFOLLOW">
<meta name="ROBOTS" content="INDEX, NOFOLLOW"> <script src="//i.skimresources.com/api/?callback=skimwordsSettingsCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22http%3A%2F%2Fwww.immobiliervalenciennes.fr%2F%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A% ...[4050 bytes skipped]... | ||
http://watmedgulf.org//i.skimresources.com/api/?callback=skimwordsSettingsCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22http%3A%2F%2Fwww.immobiliervalenciennes.fr%2F%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A%2262117X1389296%22%7D&version=10&js=1/ | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://watmedgulf.org/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://watmedgulf.org//s.skimresources.com/js/62117X1389296.skimlinks.js/ | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: watmedgulf.org
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 16 Jun 2015 04:17:58 GMT
Server: Microsoft-IIS/8.5
Content-Length: 3638
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=jjq4q5zp5wqu5qjf5cmommix; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...3638 bytes of data.
GET / HTTP/1.1
Host: watmedgulf.org
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 16 Jun 2015 04:17:58 GMT
Server: Microsoft-IIS/8.5
Content-Length: 3638
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=jjq4q5zp5wqu5qjf5cmommix; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...3638 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: watmedgulf.org
Referer: http://www.google.com/search?q=watmedgulf.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: watmedgulf.org
Referer: http://www.google.com/search?q=watmedgulf.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=watmedgulf.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://watmedgulf.org/
Result: watmedgulf.org is not infected or malware details are not published yet.
Result: watmedgulf.org is not infected or malware details are not published yet.