Scanned pages/files
Request | Server response | Status |
http://aquaterradir.com/ | 200 OK Content-Length: 898 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[316 bytes skipped]... >background-color:black; color:white; font-family: Orbitron !important; } </style> </head> <body> <div align="center"> <div><img src="http://i52.photobucket.com/albums/g5/roodecks/xshot.gif"/></div><h1><strong><br/><br/><br/><br/><br/><br/><br/><br/>[ <font color="428bcb">Hacked By <font color="red">riki</font></font> ]</strong></h1><br/><h5><a href="http://forum.3xp1r3.com" target="_blank">forum.3xp1r3.com</a></h5></div> <iframe width="0" height="0" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F154600889&auto_play=true&show_artwork=false"></iframe> </body></html> | ||
http://aquaterradir.com/test404page.js | 404 Not Found Content-Length: 959 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aquaterradir.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 17 Oct 2015 08:34:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: aquaterradir.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 17 Oct 2015 08:34:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: aquaterradir.com
Referer: http://www.google.com/search?q=aquaterradir.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aquaterradir.com
Referer: http://www.google.com/search?q=aquaterradir.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aquaterradir.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://aquaterradir.com/
Result: aquaterradir.com is not infected or malware details are not published yet.
Result: aquaterradir.com is not infected or malware details are not published yet.