Scanned pages/files
Request | Server response | Status |
http://willemprinsloo.com/ | 200 OK Content-Length: 5484 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: :: Hacked by Cyber-71 :: <html>
<title>:: Hacked by Cyber-71 ::</title> <head> <EMBED SRC="http://divine-music.info/musicfiles/exorcist.swf" AUTOSTART="TRUE" LOOP="TRUE" WIDTH="1" HEIGHT="1" ALIGN="CENTER"></EMBED> <SCRIPT LANGUAGE="JavaScript"> <!-- var text=" [X Code Pagla T3st3d your Security]"; var delay=50; var currentChar=1; var destination="[not defined]"; function type() { if ...[6137 bytes skipped]... | ||
http://www.ip2phrase.com/ip2phrase.asp?template=Your IP: <IP> | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.ip2phrase.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.ip2phrase.com/ip2phrase.asp?template= <isp> | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.ip2phrase.com/ip2phrase.asp?template= <country> | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://www.ip2phrase.com/ip2phrase.asp?template= <flag> | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: willemprinsloo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 07 Apr 2015 20:34:13 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.37
GET / HTTP/1.1
Host: willemprinsloo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 07 Apr 2015 20:34:13 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.37
Second query (visit from search engine):
GET / HTTP/1.1
Host: willemprinsloo.com
Referer: http://www.google.com/search?q=willemprinsloo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: willemprinsloo.com
Referer: http://www.google.com/search?q=willemprinsloo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=willemprinsloo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://willemprinsloo.com/
Result: willemprinsloo.com is not infected or malware details are not published yet.
Result: willemprinsloo.com is not infected or malware details are not published yet.