Scanned pages/files
Request | Server response | Status |
http://4ids.in/ | 200 OK Content-Length: 20469 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5 <iframe width="0" height="0" scrolling="no" frameborder="no" src="http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5"> Deface/Content modification. The following signature was found: Hacked by BlackHeart <!DOCTYPE html> <!--[if lt IE 7 ]><html class="ie ie6" lang="en"> <![endif]--> <!--[if IE 7 ]><html class="ie ie7" lang="en"> <![endif]--> <!--[if IE 8 ]><html class="ie ie8" lang="en"> <![endif]--> <!--[if (gte IE 9)|!(IE)]><!--> <html lang="en"> <!--<![endif]--> <head> <meta charset="utf-8"> <title> Hacked by BlackHeart </title> <meta http-equiv="Content-Type" content="text/html; charset=utf8" /> <meta name="Author" content="BlackHeart"/> <meta name="copyright" content="#TheBlackList"/> <meta name="description" content="A List of Geniuses"/> <meta name="keywords" content="BlackHeart, Hacked By BlackHeart, #TheBlackList"/> <meta name="robots" content="ARCHIVE"/> &l ...[24629 bytes skipped]... | ||
http://www.11-76.com/themes/sky/js/jquery-1.11.2.min.js | 200 OK Content-Length: 95931 Content-Type: application/javascript | clean |
http://www.11-76.com/themes/sky/js/jquery.nicescroll.3.5.4.js | 200 OK Content-Length: 115641 Content-Type: application/javascript | clean |
http://www.11-76.com/themes/sky/js/sky.js | 200 OK Content-Length: 7539 Content-Type: application/javascript | clean |
http://4ids.in/index.php?jsvars=true | 200 OK Content-Length: 5008 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5 <iframe width="0" height="0" scrolling="no" frameborder="no" src="http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5"> | ||
http://4ids.in/test404page.js | 200 OK Content-Length: 10439 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5 <iframe width="0" height="0" scrolling="no" frameborder="no" src="http://www.youtube.com/embed/aeytbvanfme?autoplay=1&loop=5"> | ||
http://4ids.in/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/inc/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.5.1 | 200 OK Content-Length: 17128 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/inc/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.5.1 | 200 OK Content-Length: 55205 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/js/modernizr.custom.js | 200 OK Content-Length: 9989 Content-Type: application/javascript | clean |
http://4ids.in/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 | 200 OK Content-Length: 4693 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/js/selectnav.js | 200 OK Content-Length: 3750 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/js/jquery.masonry.min.js | 200 OK Content-Length: 5467 Content-Type: application/javascript | clean |
http://4ids.in/wp-content/themes/silicon/js/gsap/easing/EasePack.min.js | 200 OK Content-Length: 4149 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 4ids.in
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=600, private, must-revalidate
Connection: close
Date: Mon, 07 Sep 2015 01:03:19 GMT
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary: Accept-Encoding
Content-Type: text/html
Expires: Mon, 07 Sep 2015 01:13:19 GMT
X-Powered-By: PHP/5.4.44
GET / HTTP/1.1
Host: 4ids.in
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=600, private, must-revalidate
Connection: close
Date: Mon, 07 Sep 2015 01:03:19 GMT
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Vary: Accept-Encoding
Content-Type: text/html
Expires: Mon, 07 Sep 2015 01:13:19 GMT
X-Powered-By: PHP/5.4.44
Second query (visit from search engine):
GET / HTTP/1.1
Host: 4ids.in
Referer: http://www.google.com/search?q=4ids.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 4ids.in
Referer: http://www.google.com/search?q=4ids.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=4ids.in
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://4ids.in/
Result: 4ids.in is not infected or malware details are not published yet.
Result: 4ids.in is not infected or malware details are not published yet.