Scanned pages/files
Request | Server response | Status |
http://discountlodger.com/ | 200 OK Content-Length: 2282 Content-Type: text/html | suspicious |
Malicious code - confirmed by antiviruses (see below):
<!-- Dark-Devilz was here!! --> <!-- document.write(unescape(' ...[1618 bytes skipped]... ')); //--> </Script><br><br> <font color='white'>Hacked by Dark-Devilz </font><br> <!--Dark-Devilz--> ...[71 bytes skipped]...
Antivirus reports:
Deface/Content modification. The following signature was found: Hacked by Dark-Devilz
http://discountlodger.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: discountlodger.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 13 Apr 2014 07:06:09 GMT
Accept-Ranges: bytes
ETag: "8ea-48385a65f6000"
Server: Apache
Vary: Accept-Encoding
Content-Length: 2282
Content-Type: text/html
Last-Modified: Mon, 05 Apr 2010 23:25:52 GMT
...2282 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: discountlodger.com
Referer: http://www.google.com/search?q=discountlodger.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=discountlodger.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://discountlodger.com/
Result: discountlodger.com is not infected or malware details are not published yet.