Scanned pages/files
Request | Server response | Status |
http://wehmanneurosurgery.com/ | 200 OK Content-Length: 3091 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/embed/eg1vof0zqag?feature=player_embedded&_s&loop=1&autoplay=1 <iframe frameborder="0" height="0" src="http://www.youtube.com/embed/eg1vof0zqag?feature=player_embedded&_s&loop=1&autoplay=1" width="0"> Deface/Content modification. The following signature was found: Hacked by KkK1337 <!DOCTYPE html>
<html lang="en"> <title>Hacked by KkK1337</title> <head> <link href='http://fonts.googleapis.com/css?family=Electrolize' rel='stylesheet' type='text/css'> <link rel="stylesheet" href="http://www.israelc.com/wp-content/plugins/wp-construction-mode/inc/style/style.css"> <link rel="stylesheet" href="http://www.israelc.com/wp-content/plugins/wp-construction-mode/inc/style/font-awesome.min.css"> <iframe frameborder="0" ...[3064 bytes skipped]... | ||
http://wehmanneurosurgery.com/test404page.js | 404 Not Found Content-Length: 464 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wehmanneurosurgery.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Connection: close
Date: Sun, 21 Jun 2015 13:12:01 GMT
Accept-Ranges: bytes
ETag: "2121d5-c13-5149219315f00"
Server: Apache/2.2.24 (Unix) DAV/2 PHP/5.3.26 mod_ssl/2.2.24 OpenSSL/0.9.8y
Content-Length: 3091
Content-Type: text/html
Expires: Sun, 21 Jun 2015 13:13:01 GMT
Last-Modified: Sat, 25 Apr 2015 20:10:04 GMT
MS-Author-Via: DAV
X-Frame-Options: SameOrigin
...3091 bytes of data.
GET / HTTP/1.1
Host: wehmanneurosurgery.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Connection: close
Date: Sun, 21 Jun 2015 13:12:01 GMT
Accept-Ranges: bytes
ETag: "2121d5-c13-5149219315f00"
Server: Apache/2.2.24 (Unix) DAV/2 PHP/5.3.26 mod_ssl/2.2.24 OpenSSL/0.9.8y
Content-Length: 3091
Content-Type: text/html
Expires: Sun, 21 Jun 2015 13:13:01 GMT
Last-Modified: Sat, 25 Apr 2015 20:10:04 GMT
MS-Author-Via: DAV
X-Frame-Options: SameOrigin
...3091 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wehmanneurosurgery.com
Referer: http://www.google.com/search?q=wehmanneurosurgery.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wehmanneurosurgery.com
Referer: http://www.google.com/search?q=wehmanneurosurgery.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wehmanneurosurgery.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wehmanneurosurgery.com/
Result: wehmanneurosurgery.com is not infected or malware details are not published yet.
Result: wehmanneurosurgery.com is not infected or malware details are not published yet.