Scanned pages/files
Request | Server response | Status |
http://www.bdd.bt/ | 200 OK Content-Length: 30577 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4APA-title+AD4-HackED By Albania Coder Group+ADw-/title+AD4 ...[141 bytes skipped]... t; <html class="ie ie8" lang="en-US"> <![endif]--> <!--[if !(IE 7) | !(IE 8) ]><!--> <html lang="en-US"> <!--<![endif]--> <head> <meta charset="UTF-7" /> <meta name="viewport" content="width=device-width" /> <link rel="pingback" href="http://www.bdd.bt/xmlrpc.php" /> <title>+ADw-/title+AD4APA-title+AD4-HackED By Albania Coder Group+ADw-/title+AD4 +ADw-body alink+AD0AIw-FFFFFF+AD4 +ADw-body vlink+AD0AIw-FFFFFF+AD4 +ADw-style type+AD0AIg-text/css+ACIAPg body,html +AHs margin: 0+ADs padding: 0+ADs outline: 0+ADs +AH0 .cont a+AHs text-decoration: none+ADs color:rgb(0, 0, 0)+ADs font-family: Tahoma, Arial, sans-serif +ADs font-size: 16px+ADs text-shadow: 0px 0px 3px +ADs +AH0 ...[34691 bytes skipped]... | ||
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 13269 Content-Type: application/javascript | clean |
http://www.bdd.bt/wp-includes/js/hoverIntent.min.js?ver=r7 | 200 OK Content-Length: 1116 Content-Type: application/javascript | clean |
http://www.bdd.bt/wp-admin/js/common.min.js?ver=4.1.8 | 200 OK Content-Length: 12533 Content-Type: application/javascript | clean |
http://www.bdd.bt/wp-content/plugins/calpress-event-calendar/js/jquery.tinyscrollbar.min.js?ver=4.1.8 | 200 OK Content-Length: 5343 Content-Type: application/javascript | clean |
http://www.bdd.bt/wp-content/plugins/lazyest-gallery/js/lazyest-gallery.js?ver=1.1.20 | 200 OK Content-Length: 10306 Content-Type: application/javascript | clean |
http://www.bdd.bt/index.php | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 07 Oct 2015 20:49:28 GMT Pragma: no-cache Location: http://www.bdd.bt/ Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-7 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=638274ba942de508fefb3ca18b89b6ac; path=/ X-Pingback: http://www.bdd.bt/xmlrpc.php X-Powered-By: PHP/5.4.36 | clean |
http://www.bdd.bt/test404page.js | 404 Not Found Content-Length: 458 Content-Type: text/html | clean |
http://www.bdd.bt/?page_id=32 | 200 OK Content-Length: 32671 Content-Type: text/html | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 90514 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3768 Content-Type: text/javascript | clean |
http://www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.bdd.bt/?page_id=32 | 200 OK Content-Length: 464 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 256059 Content-Type: text/javascript | clean |
http://www.bdd.bt/wp-includes/js/comment-reply.min.js?ver=4.1.8 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://www.bdd.bt/?page_id=39 | 200 OK Content-Length: 30319 Content-Type: text/html | clean |
http://www.stumbleupon.com/hostedbadge.php?s=1&r=http://www.bdd.bt/?page_id=39 | 200 OK Content-Length: 464 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bdd.bt
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: bdd.bt
Referer: http://www.google.com/search?q=bdd.bt
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bdd.bt
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bdd.bt/
Result: bdd.bt is not infected or malware details are not published yet.