Scanned pages/files
Request | Server response | Status |
http://t-and-r.com/ | HTTP/1.1 200 OK Date: Wed, 29 Jul 2015 00:08:13 GMT Accept-Ranges: bytes ETag: "98b48e2897a7cf1:69743" Server: Microsoft-IIS/6.0 Content-Length: 2860 Content-Location: http://t-and-r.com/Index.htm Content-Type: text/html Last-Modified: Thu, 24 Jul 2014 23:29:47 GMT MicrosoftOfficeWebServer: 5.0_Pub Set-Cookie: cookiesession1=G1JLFMXU3V0OMSHWYD0G2EQSVNHDMC0H;Path=/;HttpOnly X-Powered-By: PleskWin X-Powered-By: ASP.NET | clean |
http://t-and-r.com/index.htm | 200 OK Content-Length: 2860 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by3xroot | op_israel Turkey <title>hacked by3xroot | op_israel Turkey</title>
<body bgcolor="000000"> <div style="position: fixed; z-index: -99; width: 100%; height: 100%"> <iframe frameborder="0" height="100%" width="100%" src="https://www.youtube.com/embed/589W0gECEMs?autoplay=1&controls=0&loop=1&rel=0&showinfo=0&autohide=1&wmode=transparent&hd=1"></iframe> </div> <center><br ...[3147 bytes skipped]... | ||
http://t-and-r.com/test404page.js | 404 Not Found Content-Length: 1039 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: t-and-r.com
Result:
HTTP/1.1 200 OK
Date: Wed, 29 Jul 2015 00:08:13 GMT
Accept-Ranges: bytes
ETag: "98b48e2897a7cf1:69743"
Server: Microsoft-IIS/6.0
Content-Length: 2860
Content-Location: http://t-and-r.com/Index.htm
Content-Type: text/html
Last-Modified: Thu, 24 Jul 2014 23:29:47 GMT
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: cookiesession1=G1JLFMXU3V0OMSHWYD0G2EQSVNHDMC0H;Path=/;HttpOnly
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...2860 bytes of data.
GET / HTTP/1.1
Host: t-and-r.com
Result:
HTTP/1.1 200 OK
Date: Wed, 29 Jul 2015 00:08:13 GMT
Accept-Ranges: bytes
ETag: "98b48e2897a7cf1:69743"
Server: Microsoft-IIS/6.0
Content-Length: 2860
Content-Location: http://t-and-r.com/Index.htm
Content-Type: text/html
Last-Modified: Thu, 24 Jul 2014 23:29:47 GMT
MicrosoftOfficeWebServer: 5.0_Pub
Set-Cookie: cookiesession1=G1JLFMXU3V0OMSHWYD0G2EQSVNHDMC0H;Path=/;HttpOnly
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
...2860 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: t-and-r.com
Referer: http://www.google.com/search?q=t-and-r.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: t-and-r.com
Referer: http://www.google.com/search?q=t-and-r.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=t-and-r.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://t-and-r.com/
Result: t-and-r.com is not infected or malware details are not published yet.
Result: t-and-r.com is not infected or malware details are not published yet.