Scanned pages/files
Request | Server response | Status |
http://avprwanda.org/ | 200 OK Content-Length: 2302 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by rooterror ...[935 bytes skipped]... tform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script> <!-- twitter fin --> <center> <br><br><br><br> <img src="http://i.imgur.com/brF7RUo.png" width="900" height="140"> <br><br> <font face="Share Tech Mono" size="4" color="white"><font color="red">[</font>Hacked by rooterror<font color="red">]</font> <br><br> <font size="7" face="Share Tech Mono" color='white'>BREAK SECURITY HACKERS</font> <br><br> </font><font size='5' face="Share Tech Mono" color='red'>the network security is a myth</font> <br><br> <font size="4" face="Share Tech Mono" color='white'><font color='red'>[</font> Mexican Defacer <font color='red'> ...[986 bytes skipped]... | ||
http://avprwanda.org/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://avprwanda.org/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: avprwanda.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Sep 2014 17:44:26 GMT
Server: nginx/1.6.2
Content-Length: 2302
Content-Type: text/html
...2302 bytes of data.
GET / HTTP/1.1
Host: avprwanda.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Sep 2014 17:44:26 GMT
Server: nginx/1.6.2
Content-Length: 2302
Content-Type: text/html
...2302 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: avprwanda.org
Referer: http://www.google.com/search?q=avprwanda.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: avprwanda.org
Referer: http://www.google.com/search?q=avprwanda.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=avprwanda.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://avprwanda.org/
Result: avprwanda.org is not infected or malware details are not published yet.
Result: avprwanda.org is not infected or malware details are not published yet.