Scanned pages/files
| Request | Server response | Status |
http://www.demotivator.hu/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 19 Aug 2015 04:05:13 GMT Location: http://demotivator.hu/ Server: Apache Vary: Accept-Encoding Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://demotivator.hu/ | 200 OK Content-Length: 2466 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Gunz_Berry <Script Language='Javascript'>
<!-- Contact Me : gunz_berry@yahoo.com | Indonesian 2015 -end <!-- </Script> <html> <center> <head> <link rel="SHORTCUT ICON" href="http://s4.postimg.org/e8jxwkiex/favicon.png"> <body bgcolor="black"> <meta name="robots" content="index, follow"> <meta name="description" content="Hacked By Gunz_Berry"/> <meta name="googlebot" content="index,follow"/> <meta name="robots" content="all"/> <meta name="robots schedule" content="auto"/> <meta name="distribution" content="global"/> <base target='_blank'/> <meta http-equiv="content-type" content="text/html; charset=windows-1252"> <!-- Hacked By Gunz_Berry --> <title>Hacked By Gunz_Berry</ti ...[2130 bytes skipped]... | ||
http://demotivator.hu/test404page.js | 404 Not Found Content-Length: 17619 Content-Type: text/html | clean |
http://demotivator.hu/paginator3000.js | 200 OK Content-Length: 12005 Content-Type: application/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 13047 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://demotivator.hu/jquery-blink.js | 200 OK Content-Length: 441 Content-Type: application/javascript | clean |
http://connect.facebook.net/hu_HU/all.js | 200 OK Content-Length: 175236 Content-Type: application/x-javascript | clean |
http://demotivator.hu/waypoints.min.js | 200 OK Content-Length: 3871 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 261102 Content-Type: text/javascript | clean |
http://demotivator.hu/main_login.php | 200 OK Content-Length: 18296 Content-Type: text/html | clean |
http://demotivator.hu/elfelejtettjelszo.php | 200 OK Content-Length: 17947 Content-Type: text/html | clean |
http://demotivator.hu/rolunk.php | 200 OK Content-Length: 26667 Content-Type: text/html | clean |
http://demotivator.hu/profil.php?profil= | 200 OK Content-Length: 16001 Content-Type: text/html | clean |
http://demotivator.hu/logout.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 19 Aug 2015 04:05:20 GMT Pragma: no-cache Location: index.php Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=CClH4OVwi7YKa7FHhpMM61; path=/ Set-Cookie: Nev=1439957110 Set-Cookie: Pass=1439957110 | clean |
http://demotivator.hu/index.php | 200 OK Content-Length: 2466 Content-Type: text/html | clean |
http://demotivator.hu/partner.php | 200 OK Content-Length: 17849 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: demotivator.hu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 19 Aug 2015 04:05:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 2466
Content-Type: text/html
...2466 bytes of data.
GET / HTTP/1.1
Host: demotivator.hu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 19 Aug 2015 04:05:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 2466
Content-Type: text/html
...2466 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: demotivator.hu
Referer: http://www.google.com/search?q=demotivator.hu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: demotivator.hu
Referer: http://www.google.com/search?q=demotivator.hu
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=demotivator.hu
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://demotivator.hu/
Result: demotivator.hu is not infected or malware details are not published yet.
Result: demotivator.hu is not infected or malware details are not published yet.