Scanned pages/files
Request | Server response | Status |
http://buceomares.cl/ | 200 OK Content-Length: 16170 Content-Type: text/html | clean |
http://buceomares.cl/precio2010.xls | 200 OK Content-Length: 83456 Content-Type: application/vnd.ms-excel | clean |
http://buceomares.cl/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://buceomares.cl/pdf/fichaordenador.pdf | 200 OK Content-Length: 303523 Content-Type: application/pdf | clean |
http://buceomares.cl/pdf/fichatecnica.pdf | 200 OK Content-Length: 300625 Content-Type: application/pdf | clean |
http://buceomares.cl/productos.htm | 200 OK Content-Length: 6435 Content-Type: text/html | clean |
http://buceomares.cl/index.htm | 200 OK Content-Length: 16170 Content-Type: text/html | clean |
http://buceomares.cl/agenda.htm | 200 OK Content-Length: 13006 Content-Type: text/html | clean |
http://buceomares.cl/galeria.htm | 200 OK Content-Length: 5477 Content-Type: text/html | clean |
http://buceomares.cl/escuela.htm | 200 OK Content-Length: 15720 Content-Type: text/html | clean |
http://buceomares.cl/escuela1.htm | 200 OK Content-Length: 12166 Content-Type: text/html | clean |
http://buceomares.cl/contacto.htm | 200 OK Content-Length: 6001 Content-Type: text/html | clean |
http://buceomares.cl/foro | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 24 Jul 2015 17:53:19 GMT Location: http://buceomares.cl/foro/ Server: nginx Content-Length: 234 Content-Type: text/html; charset=iso-8859-1 X-Cache: HIT from Backend | clean |
http://buceomares.cl/foro/ | 200 OK Content-Length: 5889 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ThIs server Has Been HaCkeD By ...[1473 bytes skipped]... // mensaje elite mensaje= '<p align="lef"><font size="2" face="Courier New">++++++++++++++++++++++++++++++++++++++ Connecting Server, Please Wait ............. </font></p>'+' <br>'+' <br>'+ '<p align="center"> <b><font size="4"> $: CONNECTED </font></b> <br>' + '<br> '+ 'ThIs server Has Been HaCkeD By <br>'+ ' <br>'+ '<p align="center"><font size="5" face="Courier New">--- { Cyber HaX0rS } ---- <br> '+ '<br>\\\ ApendiX -=- Sho0t3R -=- NET_SPY //'+ '<p align="center"><font size="3" face="Courier New"I am Here & There & Every were'+ ' <br>'+ ' <br>'+ 'I will Not stop Hacking ... <br>'+ ' & ...[4752 bytes skipped]... | ||
http://buceomares.cl/OFERTA.doc | 200 OK Content-Length: 19968 Content-Type: application/msword | clean |
http://buceomares.cl/escuela2.htm | 200 OK Content-Length: 11092 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buceomares.cl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 24 Jul 2015 17:53:07 GMT
Accept-Ranges: bytes
Server: nginx
Vary: Accept-Encoding
Content-Length: 16170
Content-Type: text/html
Last-Modified: Mon, 17 Dec 2012 20:41:25 GMT
X-Cache: HIT from Backend
...16170 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: buceomares.cl
Referer: http://www.google.com/search?q=buceomares.cl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buceomares.cl
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://buceomares.cl/
Result: buceomares.cl is not infected or malware details are not published yet.