Scanned pages/files
Request | Server response | Status |
http://menorcavacations.com/ | 200 OK Content-Length: 24521 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Prosox ...[2415 bytes skipped]... ",p=(""+location).split("?")[0],l=e.exports={offset:i(),origin:p,features:{}};c[f]?(c[f]("DOMContentLoaded",o,!1),u[f]("load",n,!1)):(c[s]("onreadystatechange",r),u[s]("onload",n)),a("mark",["firstbyte",i()])},{handle:"D5DuLP"}]},{},["G9z0Bl"]);</script> <style></style> <meta content="text/html; charset=ISO-8859-1" http-equiv="content-type"> <title>Hacked By Prosox</title> <style type="text/css"> body{background-image:url(http://zupimages.net/up/15/25/xs7y.jpg);background-attachment: fixed} </style> <font size="5"> </head><body style="color: rgb(153, 0, 153); text-shadow: rgb(137, 191, 1) 0px -7px 15px; background-color: rgb(0, 0, 0);" alink="#990099" link="#990099" vlink="#990099"> <table height="100%" width="100%"> <br> <br> <br&g ...[25417 bytes skipped]... | ||
http://menorcavacations.com/test404page.js | 200 OK Content-Length: 24521 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: menorcavacations.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Jun 2015 01:31:04 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
GET / HTTP/1.1
Host: menorcavacations.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Jun 2015 01:31:04 GMT
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Second query (visit from search engine):
GET / HTTP/1.1
Host: menorcavacations.com
Referer: http://www.google.com/search?q=menorcavacations.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: menorcavacations.com
Referer: http://www.google.com/search?q=menorcavacations.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=menorcavacations.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://menorcavacations.com/
Result: menorcavacations.com is not infected or malware details are not published yet.
Result: menorcavacations.com is not infected or malware details are not published yet.