Scanned pages/files
Request | Server response | Status |
http://motel.com.au/ | HTTP/1.1 200 OK Connection: close Date: Wed, 13 May 2015 13:53:20 GMT Accept-Ranges: bytes ETag: "1ce984-e8-45b970cc0e4c0" Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 232 Content-Type: text/html Last-Modified: Thu, 13 Nov 2008 19:23:39 GMT | clean |
http://www.motel.com.au/rent/tpl/visit/index.html | 200 OK Content-Length: 3438 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://202host.com/w.soundcloud.com/player/index.html?url=https:%252f%252fapi.soundcloud.com%252ftracks%252f43341899&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true <iframe width="1" height="1" scrolling="no" frameborder="no" src="http://202host.com/w.soundcloud.com/player/index.html?url=https:%252f%252fapi.soundcloud.com%252ftracks%252f43341899&auto_play=true&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true"> Deface/Content modification. The following signature was found: Hacked By Rexal Scooterist <!--
Code by Rexal Scooterist Contact : Rexal Scooterist@gmail.com FB : Rexal Scooterist Blog : --!> <!DOCTYPE HTML> <html lang="en-US"> <head> <meta name="keywords" content="Hacked By Rexal Scooterist"> <meta name="description" content="./~hack"><meta content=Hacked By Rexal Scooterist, Rexal Scooterist indonesian hacker,defacer' name='keywords'/> <meta content='Hacked By Rexal Scooterist' name='subject'/> <meta content='Hacked By Rexal Scooterist' name='Abstract'/> <meta content='Hacked By Rexal Scooterist' name='copyright'/> <meta content='Hacked By ...[3586 bytes skipped]... | ||
http://www.motel.com.au/test404page.js | 404 Not Found Content-Length: 511 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: motel.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 13 May 2015 13:53:20 GMT
Accept-Ranges: bytes
ETag: "1ce984-e8-45b970cc0e4c0"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 232
Content-Type: text/html
Last-Modified: Thu, 13 Nov 2008 19:23:39 GMT
...232 bytes of data.
GET / HTTP/1.1
Host: motel.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 13 May 2015 13:53:20 GMT
Accept-Ranges: bytes
ETag: "1ce984-e8-45b970cc0e4c0"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8m DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 232
Content-Type: text/html
Last-Modified: Thu, 13 Nov 2008 19:23:39 GMT
...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: motel.com.au
Referer: http://www.google.com/search?q=motel.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: motel.com.au
Referer: http://www.google.com/search?q=motel.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=motel.com.au
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://motel.com.au/
Result: motel.com.au is not infected or malware details are not published yet.
Result: motel.com.au is not infected or malware details are not published yet.