Scanned pages/files
Request | Server response | Status |
http://50interviews.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 26 Sep 2014 18:42:25 GMT Location: http://www.50interviews.com/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wfvt_3149091309=5425b391c6628; expires=Fri, 26-Sep-2014 19:12:25 GMT; path=/; httponly X-Pingback: http://www.50interviews.com/xmlrpc.php X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.50interviews.com/ | 200 OK Content-Length: 27042 Content-Type: text/html | clean |
http://s25.sitemeter.com/js/counter.js?site=s25interviews | HTTP/1.1 302 Redirect Date: Fri, 26 Sep 2014 18:42:28 GMT Location: http://s25.sitemeter.com/js/counter.asp?site=s25interviews Server: Microsoft-IIS/6.0 Content-Length: 181 Content-Type: text/html X-Powered-By: ASP.NET | clean |
http://s25.sitemeter.com/js/counter.asp?site=s25interviews | 200 OK Content-Length: 7561 Content-Type: application/x-javascript | clean |
http://ws-na.amazon-adsystem.com/widgets/q?rt=tf_sw&ServiceVersion=20070822&MarketPlace=US&ID=V20070822%2FUS%2F50interv01-20%2F8002%2F3317afab-4837-4c66-81cd-e9618e5dcf35 | 200 OK Content-Length: 670 Content-Type: application/javascript | clean |
http://www.assoc-amazon.com/s/asw.js | 200 OK Content-Length: 221 Content-Type: text/javascript | clean |
http://50interviews.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 26 Sep 2014 18:42:30 GMT Pragma: no-cache Location: http://www.50interviews.com/test404page.js Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3149091309=5425b396a0c58; expires=Fri, 26-Sep-2014 19:12:30 GMT; path=/; httponly X-Pingback: http://www.50interviews.com/xmlrpc.php X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.50interviews.com/test404page.js | 404 Not Found Content-Length: 15008 Content-Type: text/html | clean |
http://www.50interviews.com/blog/ | 200 OK Content-Length: 36422 Content-Type: text/html | clean |
http://www.50interviews.com/speaker/ | 200 OK Content-Length: 29495 Content-Type: text/html | clean |
http://www.50interviews.com/about/ | 200 OK Content-Length: 21829 Content-Type: text/html | clean |
http://www.50interviews.com/press/ | 200 OK Content-Length: 23122 Content-Type: text/html | clean |
http://www.50interviews.com/contact/ | 200 OK Content-Length: 16577 Content-Type: text/html | clean |
http://www.50interviews.com/getstarted/ | 200 OK Content-Length: 14758 Content-Type: text/html | clean |
http://www.50interviews.com/academy | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 26 Sep 2014 18:42:41 GMT Location: http://www.50interviews.com/academy/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wfvt_3149091309=5425b3a22a965; expires=Fri, 26-Sep-2014 19:12:42 GMT; path=/; httponly X-Pingback: http://www.50interviews.com/xmlrpc.php X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.50interviews.com/academy/ | 200 OK Content-Length: 27418 Content-Type: text/html | clean |
http://www.50interviews.com/wp-content/uploads/2010/04/academy.jpg | 200 OK Content-Length: 46157 Content-Type: image/jpeg | clean |
http://www.50interviews.com/wp-content/uploads/2010/04/10covers.png | 200 OK Content-Length: 173598 Content-Type: image/png | clean |
http://www.50interviews.com/excerpts | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 26 Sep 2014 18:42:46 GMT Location: http://www.50interviews.com/excerpts/ Server: Apache Content-Length: 315 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.50interviews.com/excerpts/ | 200 OK Content-Length: 7079 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By INDONESIAN CYBER FREEDOM ...[4885 bytes skipped]... .typingText.run()", this.interval); } else { this.currentText = ""; this.currentChar = 0; this.running = false; this.finishedCallback(); } } </script><font size="3"> <div style="text-shadow: 0px 0px 8px red" id="typing" align="center"><font face="Orbitron" color="White"> <h1>Hacked By INDONESIAN CYBER FREEDOM</h1>tak ada air mata yang menetes<BR>tanpa di dasari rasa sakit<BR>tak ada rasa amarah<BR>tanpa di dasari rasa kecewa<bR> WE ARE LEGION<BR>EXPECT US, RESPECT US<P> OFFICIAL MEMBER:<p> <font color="#58faf4"><div style="text-shadow: 0px 0px 5px white" id="typing" align="center">Mr.DellatioNx196 ~ dEnny_Attacker ~ SickPeoples ~ SvN_NeVerMore ~ Ardana_ID ~ Achan Dot ID ~ CaptSalkus48 ~ people_hurt ~ ...[2343 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 50interviews.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 26 Sep 2014 18:42:25 GMT
Location: http://www.50interviews.com/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_3149091309=5425b391c6628; expires=Fri, 26-Sep-2014 19:12:25 GMT; path=/; httponly
X-Pingback: http://www.50interviews.com/xmlrpc.php
X-UA-Compatible: IE=EmulateIE7
...0 bytes of data.
GET / HTTP/1.1
Host: 50interviews.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 26 Sep 2014 18:42:25 GMT
Location: http://www.50interviews.com/
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wfvt_3149091309=5425b391c6628; expires=Fri, 26-Sep-2014 19:12:25 GMT; path=/; httponly
X-Pingback: http://www.50interviews.com/xmlrpc.php
X-UA-Compatible: IE=EmulateIE7
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 50interviews.com
Referer: http://www.google.com/search?q=50interviews.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 50interviews.com
Referer: http://www.google.com/search?q=50interviews.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=50interviews.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://50interviews.com/
Result: 50interviews.com is not infected or malware details are not published yet.
Result: 50interviews.com is not infected or malware details are not published yet.