Scanned pages/files
Request | Server response | Status |
http://preguntatu.com/ | 200 OK Content-Length: 1616 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Prosox <html>
<head> <title>Hacked By Prosox</title> <script type="text/javascript" src="" ></script></head> <iframe width="1" height="1" src="https://www.youtube.com/v/Kb8F2NOye5U&autoplay=1" frameborder="0" allowfullscreen=""></iframe> <body bgcolor="#fffff0"> <font color="#000000"> <center> <img src="http://zone-h.org/images/star.gif"> <img src="http://zone-h.org/ima ...[1566 bytes skipped]... | ||
http://preguntatu.com/test404page.js | 404 Not Found Content-Length: 502 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: preguntatu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Jul 2015 23:20:16 GMT
Accept-Ranges: bytes
ETag: "12808ff-650-51920df445ac0"
Server: Apache
Content-Length: 1616
Content-Type: text/html
Last-Modified: Mon, 22 Jun 2015 20:10:59 GMT
...1616 bytes of data.
GET / HTTP/1.1
Host: preguntatu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Jul 2015 23:20:16 GMT
Accept-Ranges: bytes
ETag: "12808ff-650-51920df445ac0"
Server: Apache
Content-Length: 1616
Content-Type: text/html
Last-Modified: Mon, 22 Jun 2015 20:10:59 GMT
...1616 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: preguntatu.com
Referer: http://www.google.com/search?q=preguntatu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: preguntatu.com
Referer: http://www.google.com/search?q=preguntatu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=preguntatu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://preguntatu.com/
Result: preguntatu.com is not infected or malware details are not published yet.
Result: preguntatu.com is not infected or malware details are not published yet.