Scanned pages/files
Request | Server response | Status |
http://whenwemakeahome.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Dec 2015 04:53:31 GMT Location: http://www.whenwemakeahome.com/fusionwedding Server: nginx Content-Length: 252 Content-Type: text/html; charset=iso-8859-1 Ngpass_ngall: 1 | clean |
http://www.whenwemakeahome.com/fusionwedding | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 16 Dec 2015 04:53:32 GMT Location: http://www.whenwemakeahome.com/fusionwedding/ Server: nginx Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 Ngpass_ngall: 1 | clean |
http://www.whenwemakeahome.com/fusionwedding/ | 200 OK Content-Length: 1764 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCKeD By_aGReSiF [ - TurkisH AttackeR - ] <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"> <head> <meta http-equiv="Content-Language" content="tr" /> ...[1896 bytes skipped]... | ||
http://www.whenwemakeahome.com/test404page.js | 404 Not Found Content-Length: 108 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: whenwemakeahome.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 16 Dec 2015 04:53:31 GMT
Location: http://www.whenwemakeahome.com/fusionwedding
Server: nginx
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1
Ngpass_ngall: 1
...252 bytes of data.
GET / HTTP/1.1
Host: whenwemakeahome.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 16 Dec 2015 04:53:31 GMT
Location: http://www.whenwemakeahome.com/fusionwedding
Server: nginx
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1
Ngpass_ngall: 1
...252 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: whenwemakeahome.com
Referer: http://www.google.com/search?q=whenwemakeahome.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: whenwemakeahome.com
Referer: http://www.google.com/search?q=whenwemakeahome.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=whenwemakeahome.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://whenwemakeahome.com/
Result: whenwemakeahome.com is not infected or malware details are not published yet.
Result: whenwemakeahome.com is not infected or malware details are not published yet.