Scanned pages/files
Request | Server response | Status |
http://tpl.club/ | 200 OK Content-Length: 5261 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By V3n7ur3 ^_^ ...[56 bytes skipped]... /w515/raafi_teja/bcmmn0k4axvw.gif"> <style> h1:hover, h1:focus,h1:after,h1:before,h1:visited,h1:active{ -webkit-transition:500ms; -transition:500ms; -moz-transition:500ms; text-shadow:100px 10px 100px lightgrey; } </style> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>Hacked By V3n7ur3 ^_^ </title> <meta name="Keywords" content="Hacked By V3n7ur3 ^_^"> <script type="text/javascript"> //<![CDATA[ try{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:"/cdn-cgi/nexp/dok3v=1613a3a185/"},atok:"c7c7ae7a9af5e05f553a54d01cbd15c5",petok:"8e728ff54ed9e3352ffeb1e805eba5e53ec849d6-1427322558-1800",zone:"tpl.club",rocket:"0",apps:{}}];Clo ...[6130 bytes skipped]... | ||
http://tpl.club/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tpl.club
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Mar 2015 22:29:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
CF-RAY: 1cce0dc1c1e505db-WAW
Set-Cookie: __cfduid=d8ca239601d73c04bbf4277734eac6c6c1427322557; expires=Thu, 24-Mar-16 22:29:17 GMT; path=/; domain=.tpl.club; HttpOnly
Second query (visit from search engine):
GET / HTTP/1.1
Host: tpl.club
Referer: http://www.google.com/search?q=tpl.club
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tpl.club
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tpl.club/
Result: tpl.club is not infected or malware details are not published yet.