Scanned pages/files
Request | Server response | Status |
http://vortechs.ca/ | 200 OK Content-Length: 1938 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Black Atreides <title>Hacked by Black Atreides</title> <script>var g=35,f=new Array(\"#AAAACC\",\"#DDDDFF\",\"#CCCCDD\",\"#F3F3F3\",\"#F0FFFF\"),e=new Array(\"Arial Black\",\"Arial Narrow\",\"Times\",\"Comic Sans MS\"),d=\"*\",m=0.6,a=22,b=8,c=1,j=new Array(),k,l,x,n=new Array(),o=new Array(),p=new Array(),q=navigator.userAgent,r=document.all&&document.getElementById&&!q.match(/Opera/),s=document.getElementById&&!document.all,u=q.ma ...[1595 bytes skipped]... | ||
http://vortechs.ca/test404page.js | 404 Not Found Content-Length: 392 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vortechs.ca
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sun, 25 Jan 2015 21:14:44 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: f40971fdd2fa873795388df7988abd50=mbiu9savuhevvc5dg7ntroaa85; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: vortechs.ca
Referer: http://www.google.com/search?q=vortechs.ca
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vortechs.ca
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vortechs.ca/
Result: vortechs.ca is not infected or malware details are not published yet.