Scanned pages/files
Request | Server response | Status |
http://batcho.info/ | 200 OK Content-Length: 11745 Content-Type: text/html | clean |
http://batcho.info/frontend/js/jquery/jquery-min.js?30713 | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://batcho.info/frontend/js/jquery/jquery-ui-min.js?30713 | 200 OK Content-Length: 192161 Content-Type: application/javascript | clean |
http://batcho.info/frontend/js/thickbox.js?30713 | 200 OK Content-Length: 15104 Content-Type: application/javascript | suspicious |
Deface/Content modification. The following signature was found: * Slightly hacked by phlyLabs staff /** * Thickbox 3.1 - One Box To Rule Them All. * By Cody Lindley (http://www.codylindley.com) * Copyright (c) 2007 cody lindley * Licensed under the MIT License: http://www.opensource.org/licenses/mit-license.php * * Slightly hacked by phlyLabs staff <mso@phlylabs.de> to allow image handling even when * these are delivered from a PHP script, thus lacking the typical file extension * Some more hacking was necessary to have Thickbox still run with jQuery 1.3.1+ */ var tb_pathToImage = "images/loadingAnimation.gif"; /*!!!!!!!!!!!!!!!!! edit below this line at your own risk !!!!!!!!!!!!!!!!!!!!!!!*/ //on page load call tb_init $(docum ...[16076 bytes skipped]... | ||
http://batcho.info/frontend/js/menus.js?30713 | 200 OK Content-Length: 19090 Content-Type: application/javascript | clean |
http://batcho.info/frontend/js/floatwin.js?30713 | 200 OK Content-Length: 5038 Content-Type: application/javascript | clean |
http://batcho.info/frontend/js/combobox.js?30713 | 200 OK Content-Length: 2021 Content-Type: application/javascript | clean |
http://batcho.info/index.php?PHPSESSID=4d8ec1d2ab065fa9d787ce3da151b1e2&special=lost_pw | 200 OK Content-Length: 2582 Content-Type: text/html | clean |
http://batcho.info/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: batcho.info
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1, s-maxage=1, no-cache, must-revalidate
Connection: close
Date: Tue, 24 Feb 2015 07:01:06 GMT
Pragma: no-cache
ETag: PUB1424761266
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset="UTF-8"
Expires: Tue, 24 Feb 2015 07:01:11 GMT
Last-Modified: Tue, 24 Feb 2015 07:00:56 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: batcho.info
Referer: http://www.google.com/search?q=batcho.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=batcho.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://batcho.info/
Result: batcho.info is not infected or malware details are not published yet.