Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://barendrechtverkoopt.nl/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: barendrechtverkoopt.nl Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sat, 05 Sep 2015 15:58:18 GMT Location: http://underbuild.net/cgi-bin/r.cgi?p=15004&i=562f4189&j=333&m=14b59c5e65b9bacc8d477080358c2edf&h=barendrechtverkoopt.nl&u=/&q=&t=20150905175818 Server: Apache/2 Content-Length: 430 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: xccgtswgokoe=1; path=/; domain=barendrechtverkoopt.nl; expires=Sat, 12-Sep-2015 15:58:18 GMT | malicious |
Scanned pages/files
Request | Server response | Status |
http://barendrechtverkoopt.nl/ | 200 OK Content-Length: 9620 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY HACKINGTHUNDER <h3 align="center"><font face="Orbitron" size="7" style="background: url("http://i106.photobucket.com/albums/m280/YukioKenshin/chopnhay.gif") repeat scroll 0% 0% transparent; color:Yellow; text-shadow: 0pt 0pt 0.9em red, 0pt 2pt 0.9em red;"><b> HACKINGTHUNDER WAS HERE </b></font></h2>
<html> <head> <title> HACKED BY HACKINGTHUNDER </title> <script language="JavaScript1.2"> var speed=1 var currentpos=0,alt=1,curpos1=0,curpos2=-1 function initialize(){ startit() } function scrollwindow(){ if (document.all) temp=document.body.scrollTop else ...[10995 bytes skipped]... | ||
http://htmlfreecodes.com/userdata/heart.js | 200 OK Content-Length: 226 Content-Type: application/javascript | clean |
http://barendrechtverkoopt.nl/test404page.js | 404 Not Found Content-Length: 405 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=barendrechtverkoopt.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://barendrechtverkoopt.nl/
Result: barendrechtverkoopt.nl is not infected or malware details are not published yet.
Result: barendrechtverkoopt.nl is not infected or malware details are not published yet.