Scanned pages/files
Request | Server response | Status |
http://argo.com.co/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 13 Aug 2015 13:15:27 GMT Location: http://argo.com.co/2014 Server: nginx/1.8.0 Content-Length: 292 Content-Type: text/html; charset=iso-8859-1 | clean |
http://argo.com.co/2014 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 13 Aug 2015 13:15:27 GMT Location: http://argo.com.co/2014/ Server: nginx/1.8.0 Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 | clean |
http://argo.com.co/2014/ | 200 OK Content-Length: 18828 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkeD By ...[4687 bytes skipped]... t></head> <center><font style="color:white;font size:8px;text-align: center;font-family:Pirata One;text-shadow: 0 0 10px #000000, 0px 0px 10px #000000,0 0 10px #000000,0 0 10px #000000;"><font face="Pirata One" color=red size=5><center><br> <div class=dd-postmetadataheader><h2 class=dd-postheader> </title><font size=10 face="Keania One" color=red>HaCkeD By <font color=white><font color="#38df21"> Big_BlaCk_DZ </font> <center> <font size=4 face=Narkisim color=red>If you're good <font color=white> at Something Never<font color=38df21> do it for Free!! ^^</font> <script language=JavaScript></script> <!--Simply copy and paste to the <HEAD> section of your page.--> <SCRIPT LANGUAGE=JavaScript>var n4=(document.layers);var ...[15282 bytes skipped]... | ||
http://shop4brides.ru/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://shop4brides.ru/wp-content/themes/irex-lite/SketchBoard/functions/sketch-background-gallery/inc/front/js/skebggallery.js?ver=4.0.1 | 200 OK Content-Length: 14297 Content-Type: application/x-javascript | clean |
http://apitheswiftrecor-a.akamaihd.net/gsrs?is=&bp=PB3&g=46a3e7b4-1dba-4869-88c3-ccd8d0045333 | 200 OK Content-Length: 11335 Content-Type: application/javascript | clean |
http://argo.com.co/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: argo.com.co
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 13 Aug 2015 13:15:27 GMT
Location: http://argo.com.co/2014
Server: nginx/1.8.0
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
...292 bytes of data.
GET / HTTP/1.1
Host: argo.com.co
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 13 Aug 2015 13:15:27 GMT
Location: http://argo.com.co/2014
Server: nginx/1.8.0
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
...292 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: argo.com.co
Referer: http://www.google.com/search?q=argo.com.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: argo.com.co
Referer: http://www.google.com/search?q=argo.com.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=argo.com.co
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://argo.com.co/
Result: argo.com.co is not infected or malware details are not published yet.
Result: argo.com.co is not infected or malware details are not published yet.