Scanned pages/files
| Request | Server response | Status |
http://crazynet4u.net/ | 200 OK Content-Length: 6416 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By BlackhatCode ...[351 bytes skipped]... me(a)[0],c=/^http:/.test(f.location)?"http":"https";if(!f.getElementById(g)){e=f.createElement(a);e.id=g;e.src=c+"://platform.twitter.com/widgets.js";b.parentNode.insertBefore(e,b)}}(document,"script","twitter-wjs");</script> </p> <html><head><body oncontextmenu='return false' onkeydown='return false' onmousedown='return false'> <meta name="google-site-verification" content="Hacked By BlackhatCode"/> <meta name="google-site-verification" content="Hacked By BlackhatCode"/> <meta name="google-site-verification" content="Hacked By BlackhatCode"/> <meta name="google-site-verification" content="Hacked By BlackhatCode"/> <meta http-equiv="Content-Language" content="en-us-id"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="Content-Type" content="text/html; cha ...[5805 bytes skipped]... | ||
http://tuyulz-blogspot.googlecode.com/files/Anti%20Klik.js | 404 Not Found Content-Length: 1581 Content-Type: text/html | clean |
http://tuyulz-blogspot.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1561 Content-Type: text/html | clean |
http://tuyulz-blogspot.googlecode.com/test404page.js | 404 Not Found Content-Length: 1575 Content-Type: text/html | clean |
https://googledrive.com/host/0B6KVua7D2SLCNDN2RW1ORmhZRWs/sp_tilang.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sun, 20 Dec 2015 13:18:33 GMT Pragma: no-cache Accept-Ranges: none Location: https://97f96ce86e3ce912c790e99bca703b4cda51bc77.googledrive.com/host/0B6KVua7D2SLCNDN2RW1ORmhZRWs/sp_tilang.js Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alt-Svc: quic=":443"; ma=604800; v="30,29,28,27,26,25" Alternate-Protocol: 443:quic,p=1 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://97f96ce86e3ce912c790e99bca703b4cda51bc77.googledrive.com/host/0b6kvua7d2slcndn2rw1ormhzrws/sp_tilang.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Sun, 20 Dec 2015 13:18:33 GMT Pragma: no-cache Accept-Ranges: none Location: https://8a61fe9fb92b3f315450c7d6b5d8d6d63b7316a2-97f96ce86e3ce912c790e99bca703b4cda51bc77.googledrive.com/host/0b6kvua7d2slcndn2rw1ormhzrws/sp_tilang.js Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Access-Control-Allow-Credentials: false Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Origin, X-Referer, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp Access-Control-Allow-Methods: GET,OPTIONS Access-Control-Allow-Origin: * Alt-Svc: quic=":443"; ma=604800; v="30,29,28,27,26,25" Alternate-Protocol: 443:quic,p=1 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://8a61fe9fb92b3f315450c7d6b5d8d6d63b7316a2-97f96ce86e3ce912c790e99bca703b4cda51bc77.googledrive.com/host/0b6kvua7d2slcndn2rw1ormhzrws/sp_tilang.js | 500 Can't connect to 8a61fe9fb92b3f315450c7d6b5d8d6d63b7316a2-97f96ce86e3ce912c790e99bca703b4cda51bc77.googledrive.com:443 Content-Length: 274 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: crazynet4u.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Dec 2015 13:18:31 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.5.29
GET / HTTP/1.1
Host: crazynet4u.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Dec 2015 13:18:31 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.5.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: crazynet4u.net
Referer: http://www.google.com/search?q=crazynet4u.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: crazynet4u.net
Referer: http://www.google.com/search?q=crazynet4u.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=crazynet4u.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crazynet4u.net/
Result: crazynet4u.net is not infected or malware details are not published yet.
Result: crazynet4u.net is not infected or malware details are not published yet.