Scanned pages/files
Request | Server response | Status |
http://duitsland-kredieten.nl/ | 200 OK Content-Length: 4600 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By KingSam ...[1195 bytes skipped]... <span style="font-weight: bold; text-shadow: 0px 0px 20px;"><br> Long Live Muslims<br> Long Live Pakistan<br> Pakistan ZindaBad<br> </span> </span></span><br> <span style="font-size: large;"><span style="color: rgb(255, 255, 255);"><span style="font-weight: bold; text-shadow: 0px 0px 10px;"><br>Hacked By KingSam</span></span></span> <br> <p><br> <br> <span style="font-size: large;"><span style="color: rgb(255, 255, 255);"><span style="font-weight: bold; text-shadow: 0px 0px 10px;">WE ARE MONITORING YOUR ACTIVITIES AND WE HAVE NOTICED THAT YOUR ARMY WON'T STOP KILLING INNOCENT PEOPLE OF KASHMIR NOW MUSLIM HACKERS UNITED UNDER THE FLAG TO SAVE KASHMIR FROM YOUR EVIL MINDS ...[3988 bytes skipped]... | ||
http://duitsland-kredieten.nl/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: duitsland-kredieten.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Oct 2015 22:51:30 GMT
Server: nginx/1.8.0
Content-Type: text/html
GET / HTTP/1.1
Host: duitsland-kredieten.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Oct 2015 22:51:30 GMT
Server: nginx/1.8.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: duitsland-kredieten.nl
Referer: http://www.google.com/search?q=duitsland-kredieten.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: duitsland-kredieten.nl
Referer: http://www.google.com/search?q=duitsland-kredieten.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=duitsland-kredieten.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://duitsland-kredieten.nl/
Result: duitsland-kredieten.nl is not infected or malware details are not published yet.
Result: duitsland-kredieten.nl is not infected or malware details are not published yet.