Scanned pages/files
| Request | Server response | Status |
http://blacluv.com/ | 200 OK Content-Length: 8050 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Sorry Admin Hacked By Turkish Hacker (: ...[2767 bytes skipped]... ss="layer" data-depth="0.05"> <!-- CONTENT BLOCK --> <div class="content-block animated"> <div class="container animated"> <center></font color=blue><font face="Thoma" size="8" color="#d30808"> Sorry Admin Hacked By Turkish Hacker (: <br> <div class="slider"> <div class="slide"> <h1>Bismillahirrahmanirrahim <span>! </span></h1> </div> <div class="slide"> <h1><br><span>Hacked By Pars162</span></h1></div> <div class="slide"&g ...[5915 bytes skipped]... | ||
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery-1.11.1.min.js | 200 OK Content-Length: 95788 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/bootstrap.min.js | 200 OK Content-Length: 34653 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.cycle.min.js | 200 OK Content-Length: 24150 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.parallax.min.js | 200 OK Content-Length: 9449 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.backstretch.min.js | 200 OK Content-Length: 4238 Content-Type: application/javascript | clean |
http://www.korhandfm.com/resimler/scripts.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 09 Dec 2015 16:38:37 GMT Accept-Ranges: bytes Server: LiteSpeed Content-Length: 1263 Content-Type: text/html | clean |
http://www.korhandfm.com/ | 200 OK Content-Length: 1006 Content-Type: text/html | clean |
http://www.korhandfm.com/okulsayaci | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 09 Dec 2015 16:38:38 GMT Accept-Ranges: bytes Location: http://www.korhandfm.com/okulsayaci/ Server: LiteSpeed Content-Length: 1147 Content-Type: text/html | clean |
http://www.korhandfm.com/okulsayaci/ | 200 OK Content-Length: 303621 Content-Type: text/html | clean |
http://www.korhandfm.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | HTTP/1.1 404 Not Found Connection: close Date: Wed, 09 Dec 2015 16:38:40 GMT Accept-Ranges: bytes Server: LiteSpeed Content-Length: 1263 Content-Type: text/html | clean |
http://www.korhandfm.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Wed, 09 Dec 2015 16:38:40 GMT Accept-Ranges: bytes Server: LiteSpeed Content-Length: 1263 Content-Type: text/html | clean |
http://www.korhandfm.com/metro-fm.html | 200 OK Content-Length: 5003 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: blacluv.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 09 Dec 2015 16:38:33 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 0
Server: Apache/2
Content-Length: 8050
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 09 Dec 2015 16:38:33 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 37f863e62838584739ae8ada3d2ed2f2=8aabf7657a668c80dec3ca7cc6702061; path=/; HttpOnly
X-Logged-In: False
X-Powered-By: PHP/5.3.29
...8050 bytes of data.
GET / HTTP/1.1
Host: blacluv.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 09 Dec 2015 16:38:33 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 0
Server: Apache/2
Content-Length: 8050
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 09 Dec 2015 16:38:33 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 37f863e62838584739ae8ada3d2ed2f2=8aabf7657a668c80dec3ca7cc6702061; path=/; HttpOnly
X-Logged-In: False
X-Powered-By: PHP/5.3.29
...8050 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: blacluv.com
Referer: http://www.google.com/search?q=blacluv.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: blacluv.com
Referer: http://www.google.com/search?q=blacluv.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blacluv.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://blacluv.com/
Result: blacluv.com is not infected or malware details are not published yet.
Result: blacluv.com is not infected or malware details are not published yet.