Scanned pages/files
Request | Server response | Status |
http://buxaxique.com.br/ | 200 OK Content-Length: 669 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HackeD By A.O.R <html> <head oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;"> <title>HackeD By A.O.R</title> </head> <body oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;" style="background-color: black;"> <center> <br> <font style="arial" size="10" color="red" ">ARMIES OF REPRESSION</font> <br> <br> <br> <img src="http://im85.gulfup.com/oPFl2x.png"> <br><br> <br><br> ...[301 bytes skipped]... | ||
http://buxaxique.com.br/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buxaxique.com.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 May 2015 16:23:54 GMT
Server: Apache
Content-Length: 669
Content-Type: text/html
...669 bytes of data.
GET / HTTP/1.1
Host: buxaxique.com.br
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 May 2015 16:23:54 GMT
Server: Apache
Content-Length: 669
Content-Type: text/html
...669 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: buxaxique.com.br
Referer: http://www.google.com/search?q=buxaxique.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: buxaxique.com.br
Referer: http://www.google.com/search?q=buxaxique.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buxaxique.com.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://buxaxique.com.br/
Result: buxaxique.com.br is not infected or malware details are not published yet.
Result: buxaxique.com.br is not infected or malware details are not published yet.