Scanned pages/files
| Request | Server response | Status |
http://www.booboogone.com/ | 200 OK Content-Length: 4901 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Harimau Malaya Cyber Army <!-- 100% Coded by Luffy HMCA. Copy-Pasters are gays because they don't even know how to code. Copyright HARIMAU MALAYA CYBER ARMY 2011-2014. All Rights Reserved Fuck Those Who Steal This Script and Make It Their Own! Official Only! --> <title>Hacked by Harimau Malaya Cyber Army</title><link href='http://i.imgur.com/dPUJiFx.png ' rel='shortcut icon'/> <head> <meta name="description" content="You Have Been Hacked by Harimau Malaya Cyber Army"> <meta name="keywords" content="HMCA, Harimau, Malaya, Cyber, Army, Luffy"> <meta name="author" content="D4rk Shadow"> <meta charset="UTF-8"> <link rel="stylesheet" type="text/css" href="ht ...[5077 bytes skipped]... | ||
https://www.blogger.com/static/v1/common/js/1912144495-csitail.js | 200 OK Content-Length: 2306 Content-Type: text/javascript | clean |
http://www.booboogone.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 31 May 2014 03:35:07 GMT Location: http://www.gogvo.com/404.html Server: Apache Content-Length: 213 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gogvo.com/404.html | HTTP/1.1 200 OK Connection: close Date: Sat, 31 May 2014 03:35:09 GMT Accept-Ranges: bytes Server: Apache Content-Length: 214 Content-Type: text/html Last-Modified: Fri, 25 Oct 2013 15:15:55 GMT | clean |
http://www.joeltherien.com/go/pureleverage | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 31 May 2014 03:35:17 GMT Location: http://www.launchv.com/cashapp Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.13 | clean |
http://www.launchv.com/cashapp | HTTP/1.1 302 Found Connection: close Date: Sat, 31 May 2014 03:35:10 GMT Location: http://www.launchv.com/index.php?ref=cashapp Server: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 228 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.launchv.com/index.php?ref=cashapp | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 31 May 2014 03:35:10 GMT Location: http://launchv.com/?ref=cashapp Server: Apache/2.4.9 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: ref=cashapp; expires=Mon, 30-Jun-2014 03:35:10 GMT; path=/ X-Pingback: http://launchv.com/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://launchv.com/?ref=cashapp | 200 OK Content-Length: 20554 Content-Type: text/html | clean |
http://launchv.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://launchv.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/jquery/jquery.noconflict.min.js?ver=2.2.0.2 | 200 OK Content-Length: 1142 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/jquery/jquery.loadScript.min.js?ver=2.2.0.2 | 200 OK Content-Length: 301 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/modules/blog/video/flowplayerHTML5/flowplayer.min.js?ver=2.2.0.2 | 200 OK Content-Length: 34245 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/modules/blog/video/mediaelement/mediaelement-and-player.min.js?ver=2.2.0.2 | 200 OK Content-Length: 69770 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/modules/blog/video/video-audio-player.min.js?ver=2.2.0.2 | 200 OK Content-Length: 3676 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/jquery/jquery.placeholder.min.js?ver=2.2.0.2 | 200 OK Content-Length: 1960 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/fancybox/jquery.fancybox.pack.min.js?ver=2.2.0.2 | 200 OK Content-Length: 15844 Content-Type: application/javascript | clean |
http://launchv.com/wp-includes/js/comment-reply.min.js?ver=3.9.1 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/menus.min.js?ver=2.2.0.2 | 200 OK Content-Length: 661 Content-Type: application/javascript | clean |
http://launchv.com/wp-content/themes/optimizePressTheme/lib/js/tooltipster.min.js?ver=2.2.0.2 | 200 OK Content-Length: 13816 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: booboogone.com
Result:
GET / HTTP/1.1
Host: booboogone.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: booboogone.com
Referer: http://www.google.com/search?q=booboogone.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: booboogone.com
Referer: http://www.google.com/search?q=booboogone.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=booboogone.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://booboogone.com/
Result: booboogone.com is not infected or malware details are not published yet.
Result: booboogone.com is not infected or malware details are not published yet.