Scanned pages/files
Request | Server response | Status |
http://thin-lizard.net/ | 200 OK Content-Length: 897 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By HydrA <HTML> <HEAD> <TITLE>Hacked By HydrA</TITLE> </head> <BODY TEXT="#9C9C9C" BGCOLOR="#000000" LINK="#8B51FF" ALINK="#FFF8FF" <P><TABLE BORDER=0 WIDTH="100%" HEIGHT="100%"> <TR> <TD> <center><img src=http://img232.imageshack.us/img232/7793/nsdef.png> ...[888 bytes skipped]... | ||
http://thin-lizard.net/test404page.js | 404 Not Found Content-Length: 3766 Content-Type: text/html | clean |
http://thin-lizard.net/hosting_static_404/modernizr.js | 200 OK Content-Length: 6296 Content-Type: application/javascript | clean |
http://thin-lizard.net/hosting_static_404/script.js | 200 OK Content-Length: 96238 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thin-lizard.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 21:46:07 GMT
Accept-Ranges: bytes
ETag: W/"1700ec1-381-4a26f4d7dc400"
Server: nginx/1.7.4
Content-Type: text/html
Last-Modified: Wed, 04 May 2011 08:47:12 GMT
Set-Cookie: uid_zxcv=258cc05554f0e59f26b2502f03867b02; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
GET / HTTP/1.1
Host: thin-lizard.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Feb 2015 21:46:07 GMT
Accept-Ranges: bytes
ETag: W/"1700ec1-381-4a26f4d7dc400"
Server: nginx/1.7.4
Content-Type: text/html
Last-Modified: Wed, 04 May 2011 08:47:12 GMT
Set-Cookie: uid_zxcv=258cc05554f0e59f26b2502f03867b02; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: thin-lizard.net
Referer: http://www.google.com/search?q=thin-lizard.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thin-lizard.net
Referer: http://www.google.com/search?q=thin-lizard.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thin-lizard.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thin-lizard.net/
Result: thin-lizard.net is not infected or malware details are not published yet.
Result: thin-lizard.net is not infected or malware details are not published yet.