Scanned pages/files
| Request | Server response | Status |
http://youngsvilla.com/ | 200 OK Content-Length: 4734 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: zonehmirrors.org ...[1647 bytes skipped]... r/> <center><link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css"> <style type="text/css">.cf-hidden { display: none; } .cf-invisible { visibility: hidden; }</style><font face="Iceland" style="color:#rgb;text-shadow:0px 1px 5px #000;font-size:40px">==-[ Spain ]-== </font></center> <p align="center"><br> <img src="http://zonehmirrors.org/defaced/2014/06/13/syntaxteam.eu/i.imgur.com/xRvBrpa.gif" onerror="this.onerror=null;this.src='http://i.imgur.com/R8reM.jpg';" width="500" height="250" alt=""> </p><center><link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css"> <style type="text/css">.cf-hidden { display: none; } .cf-invisible { visibility: hidden; }</style><font face="Iceland" style="color:#FFFFFF;text-shadow:0px 1px 5p ...[2911 bytes skipped]... Deface/Content modification. The following signature was found: Hacked By Decode <html><head><title>Hacked By Decode</title>
<style type="text/css">body{background:#000000;scrollbar-track-color:#000000;scrollbar-darkshadow-color:#000000;scrollbar-face-color:#000000;scrollbar-shadow-color:#FFFFFF;scrollbar-highlight-color:#FFFFFF;scrollbar-3dlight-color:#000000;scrollbar-arrow-color:#FFFFFF;color:#8E959E}.name{text-decoration:none;}@-moz-keyframes roll { 100% { -moz-transform: rotate(360deg); } } @-o-keyframes roll { 1 ...[5014 bytes skipped]... | ||
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 108407 Content-Type: application/javascript | clean |
http://youngsvilla.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: youngsvilla.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 18 Nov 2014 02:32:16 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4734
Content-Type: text/html
Set-Cookie: ASPSESSIONIDAQATRBAR=DDNHBGFBKNNGEDKIGFNMBBFH; path=/
X-Powered-By: ASP.NET
...4734 bytes of data.
GET / HTTP/1.1
Host: youngsvilla.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 18 Nov 2014 02:32:16 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4734
Content-Type: text/html
Set-Cookie: ASPSESSIONIDAQATRBAR=DDNHBGFBKNNGEDKIGFNMBBFH; path=/
X-Powered-By: ASP.NET
...4734 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: youngsvilla.com
Referer: http://www.google.com/search?q=youngsvilla.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: youngsvilla.com
Referer: http://www.google.com/search?q=youngsvilla.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=youngsvilla.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://youngsvilla.com/
Result: youngsvilla.com is not infected or malware details are not published yet.
Result: youngsvilla.com is not infected or malware details are not published yet.