Scanned pages/files
Request | Server response | Status |
http://rwrites.com/ | 200 OK Content-Length: 14878 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By KingSam ...[5590 bytes skipped]... <span style="font-weight: bold; text-shadow: 0px 0px 20px;"><br> Long Live Muslims<br> Long Live Pakistan<br> Pakistan ZindaBad<br> </span> </span></span><br> <span style="font-size: large;"><span style="color: rgb(255, 255, 255);"><span style="font-weight: bold; text-shadow: 0px 0px 10px;"><br>Hacked By KingSam</span></span></span> <br> <p><br> <br> <span style="font-size: large;"><span style="color: rgb(255, 255, 255);"><span style="font-weight: bold; text-shadow: 0px 0px 10px;">WE ARE MONITORING YOUR ACTIVITIES AND WE HAVE NOTICED THAT YOUR ARMY WON'T STOP KILLING INNOCENT PEOPLE OF KASHMIR NOW MUSLIM HACKERS UNITED UNDER THE FLAG TO SAVE KASHMIR FROM YOUR EVIL MINDS ...[10338 bytes skipped]... | ||
http://rwrites.com/test404page.js | 200 OK Content-Length: 14878 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rwrites.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Dec 2015 14:44:37 GMT
Server: nginx/1.8.0
Content-Type: text/html
GET / HTTP/1.1
Host: rwrites.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 02 Dec 2015 14:44:37 GMT
Server: nginx/1.8.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: rwrites.com
Referer: http://www.google.com/search?q=rwrites.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rwrites.com
Referer: http://www.google.com/search?q=rwrites.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rwrites.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rwrites.com/
Result: rwrites.com is not infected or malware details are not published yet.
Result: rwrites.com is not infected or malware details are not published yet.