Scanned pages/files
Request | Server response | Status |
http://sp1x.com/ | 200 OK Content-Length: 3370 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By : h44zard.al - Wizart Injector ...[785 bytes skipped]... ></span></b></button></a><span class="wglow" style="font-family: Courier;"><b></b></span><a href="https://www.facebook.com/haazard.al.3"target="blank"><button class="evil" onclick="meow()"><b><span style="color: RED;">Facebook</span></b></button></a><center><font size="5" color="RED" face="Wallpoet">Hacked By : h44zard.al - Wizart Injector</font><br><font size="4" color="WHITE" face="Wallpoet">Albania - Kosova Hackers</font></center><br></head><body text="#FF0000" bgcolor="#000000"><p align="center"><img border="0" src="http://i.imgur.com/sP7ofrl.png" width="550" height="260"></p><p align="center"> </p><SCRIPT TYPE="text/javascript"> <!-- //Disable right click script //visit http://www.rainbow.arch.scr ...[2106 bytes skipped]... | ||
http://sp1x.com/test404page.js | 404 Not Found Content-Length: 302 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sp1x.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 01 Aug 2015 00:00:08 GMT
Server: nginx/1.9.2
Vary: Accept-Encoding
Content-Length: 3370
Content-Type: text/html
X-Powered-By: PHP/5.3.29
...3370 bytes of data.
GET / HTTP/1.1
Host: sp1x.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 01 Aug 2015 00:00:08 GMT
Server: nginx/1.9.2
Vary: Accept-Encoding
Content-Length: 3370
Content-Type: text/html
X-Powered-By: PHP/5.3.29
...3370 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sp1x.com
Referer: http://www.google.com/search?q=sp1x.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sp1x.com
Referer: http://www.google.com/search?q=sp1x.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sp1x.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sp1x.com/
Result: sp1x.com is not infected or malware details are not published yet.
Result: sp1x.com is not infected or malware details are not published yet.