Scanned pages/files
Request | Server response | Status |
http://ezigarettetest.com/ | 200 OK Content-Length: 26272 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://pingomatic.com/ping/?title=e+zigarette+test%3a+bericht+%c3%bcber+mehr+gesundheit+im+vergleich+zum+rauchen&blogurl=http://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0cgoqfjaj&url=http%3a%2f%2fezigarettetest.com%2f&ei=j-ttuyrtiyjjsgburihqcw&usg=afqjcnfx5tbuqfnm7xbb6fzolc9kb8ndha&sig2=zry5dl4fd9czgj1el4keza&bvm=bv.48705608,d.yms&rssurl=http://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0cgoqfjaj&url=http%3a%2f%2fezigarettetest.com%2f&ei=j-ttuyrtiyjjsgburihqcw&usg=afqjcnfx5tbuqfnm7xbb6fzolc9kb8ndha&sig2=zry5dl4fd9czgj1el4keza&bvm=bv.48705608,d.yms&chk_weblogscom=on&chk_blogs=on&chk_technorati=on&chk_feedburner=on&chk_syndic8=on&chk_newsgator=on&chk_feedster=on&chk_myyahoo=on&chk_pubsubcom=on&chk_blogdigger=on&chk_blogrolling=on&chk_blogstreet=on&chk_moreover=on&chk_weblogalot=on&chk_icerocket=on&chk_audioweblogs=on&chk_rubhub=on&chk_geourl=on&chk_a2b=on&chk_blogshares=on <iframe src="http://pingomatic.com/ping/?title=e+zigarette+test%3a+bericht+%c3%bcber+mehr+gesundheit+im+vergleich+zum+rauchen&blogurl=http://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0cgoqfjaj&url=http%3a%2f%2fezigarettetest.com%2f&ei=j-ttuyrtiyjjsgburihqcw&usg=afqjcnfx5tbuqfnm7xbb6fzolc9kb8ndha&sig2=zry5dl4fd9czgj1el4keza&bvm=bv.48705608,d.yms&rssurl=http://www.google.de/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10&ved=0cgoqfjaj&url=http%3a%2f%2fezigarettetest.com%2f&ei=j-ttuyrtiyjjsgburihqcw&usg=afqjcnfx5tbuqfnm7xbb6fzolc9kb8ndha&sig2=zry5dl4fd9czgj1el4keza&bvm=bv.48705608,d.yms&chk_weblogscom=on&chk_blogs=on&chk_technorati=on&chk_feedburner=on&chk_syndic8=on&chk_newsgator=on&chk_feedster=on&chk_myyahoo=on&chk_pubsubcom=on&chk_blogdigger=on&chk_blogrolling=on&chk_blogstreet=on&chk_moreover=on&chk_weblogalot=on&chk_icerocket=on&chk_audioweblogs=on&chk_rubhub=on&chk_geourl=on&chk_a2b=on&chk_blogshares=on" border="0" width="1" height="1"> | ||
https://platform.twitter.com/widgets.js | 200 OK Content-Length: 97861 Content-Type: application/javascript | clean |
http://ezigarettetest.com//connect.facebook.net/de_DE/all.js/ | 200 OK Content-Length: 8170 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Muslim Corporation Cyber ...[404 bytes skipped]... -shockwave-flash" wmode="transparent" width="1" height="1"></embed> <body bgcolor=black></center> <br/> </head> <script src='http://misbahudin-dcaesga.googlecode.com/files/efek-salju.js'/></script> <script src='https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js' type='text/javascript'/> <meta name="google-site-verification" content="Hacked By Muslim Corporation Cyber"/> <meta name="google-site-verification" content="Hacked By Muslim Corporation Cyber"/> <meta name="google-site-verification" content="Hacked By Muslim Corporation Cyber"/> <meta name="google-site-verification" content="Hacked By Muslim Corporation Cyber"/> <meta http-equiv="Content-Language" content="en-us-id"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta http-equiv="Content-Type" content="te ...[7524 bytes skipped]... | ||
http://misbahudin-dcaesga.googlecode.com/files/efek-salju.js | 200 OK Content-Length: 15988 Content-Type: text/x-c++ | clean |
http://misbahudin-dcaesga.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://misbahudin-dcaesga.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://ezigarettetest.com//www.google.com/ | 200 OK Content-Length: 8170 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 11798 Content-Type: application/javascript | clean |
https://platform.linkedin.com/in.js | 200 OK Content-Length: 3711 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://ezigarettetest.com/wp-content/themes/socrates/scripts/myStuff.js | 200 OK Content-Length: 1143 Content-Type: application/javascript | clean |
http://ezigarettetest.com/wp-content/themes/socrates/scripts/supersleight.plugin.js | 200 OK Content-Length: 1506 Content-Type: application/javascript | clean |
http://s.skimresources.com/js/48891X1242077.skimlinks.js | 200 OK Content-Length: 70061 Content-Type: application/javascript | clean |
http://ezigarettetest.com/wp-includes/js/comment-reply.min.js?ver=3.5.2 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ezigarettetest.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Thu, 12 Jun 2014 12:21:10 GMT
Accept-Ranges: bytes
Server: nginx/1.6.0
Vary: Accept-Encoding,Cookie
Content-Length: 26272
Content-Type: text/html; charset=UTF-8
Expires: Thu, 12 Jun 2014 12:21:13 GMT
Last-Modified: Wed, 03 Jul 2013 09:03:42 GMT
...26272 bytes of data.
GET / HTTP/1.1
Host: ezigarettetest.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Thu, 12 Jun 2014 12:21:10 GMT
Accept-Ranges: bytes
Server: nginx/1.6.0
Vary: Accept-Encoding,Cookie
Content-Length: 26272
Content-Type: text/html; charset=UTF-8
Expires: Thu, 12 Jun 2014 12:21:13 GMT
Last-Modified: Wed, 03 Jul 2013 09:03:42 GMT
...26272 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ezigarettetest.com
Referer: http://www.google.com/search?q=ezigarettetest.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ezigarettetest.com
Referer: http://www.google.com/search?q=ezigarettetest.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ezigarettetest.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ezigarettetest.com/
Result: ezigarettetest.com is not infected or malware details are not published yet.
Result: ezigarettetest.com is not infected or malware details are not published yet.