Scanned pages/files
Request | Server response | Status |
http://nd-oro-plata-platino.com/ | 200 OK Content-Length: 1361 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By svboyw <html> <head> </p><center><font size="9" color="red" face="Wallpoet"> https://www.facebook.com/svboyw.phtml </font></center> <title>Hacked By svboyw </title> <embed src="https://www.youtube.com/v/yx7PKfnz3pE%26autoplay=1" type="application/x-shockwave-flash" wmode="transparent" height="1" width="1"> <center><body background="https://writergirlkp.files.wordpress.com/2013/11/black-windows_542931.jpg"height="900" width="750" <font color="#000000"> <center> <img src="http://zone-h.org/images/star.gif" ...[1075 bytes skipped]... | ||
http://nd-oro-plata-platino.com/test404page.js | 404 Not Found Content-Length: 302 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nd-oro-plata-platino.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Jun 2015 06:47:36 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 1361
Content-Type: text/html
X-Powered-By: PHP/5.4.39-0+deb7u2
...1361 bytes of data.
GET / HTTP/1.1
Host: nd-oro-plata-platino.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 19 Jun 2015 06:47:36 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 1361
Content-Type: text/html
X-Powered-By: PHP/5.4.39-0+deb7u2
...1361 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nd-oro-plata-platino.com
Referer: http://www.google.com/search?q=nd-oro-plata-platino.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nd-oro-plata-platino.com
Referer: http://www.google.com/search?q=nd-oro-plata-platino.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nd-oro-plata-platino.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nd-oro-plata-platino.com/
Result: nd-oro-plata-platino.com is not infected or malware details are not published yet.
Result: nd-oro-plata-platino.com is not infected or malware details are not published yet.