Scanned pages/files
Request | Server response | Status |
http://freeapartmentcash.com/ | 200 OK Content-Length: 16831 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Lulz53c ...[110 bytes skipped]... vascript'></script> <img src="/pic1.gif" alt="" oncontextmenu="alert('No saving or copying my images!');return false"> <a href="javascript:window.open('thepage.htm', 'toolbar=no')"> <meta name="generator" content=".Lulz53c" /> <meta name="author" content="Lulz53c" /> <meta name="keywords" content="Lulz53c" /> <meta name="description" content="Hacked by Lulz53c" /> <meta content='Crazy dog' name='author'/> <body bgcolor="#000000" background="http://files.mothhelah.com/img/gBN59333.gif"> <meta name="keywords" content=" Hacked by Lulz53c , Newbie Hacker, Defacer, Anonymous, Indonesian"/> </script> <embed align="CENTER" autostart="TRUE" height="1" loop="TRUE" src="http://divine-music.info/musicfiles/akon-mrlonely.swf" width="1"></embed> <title>Hacked b ...[18417 bytes skipped]... | ||
http://adithya.googlecode.com/files/Apctrl%2Bu.js | 404 Not Found Content-Length: 1580 Content-Type: text/html | clean |
http://adithya.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1561 Content-Type: text/html | clean |
http://adithya.googlecode.com/test404page.js | 404 Not Found Content-Length: 1575 Content-Type: text/html | clean |
http://freeapartmentcash.com//www.blogger.com/static/v1/common/js/4181124240-csitail.js/ | 404 Article not found Content-Length: 1399 Content-Type: text/html | clean |
http://freeapartmentcash.com/index.php | 200 OK Content-Length: 16831 Content-Type: text/html | clean |
https://count.carrierzone.com/app/count_server/count.js | 200 OK Content-Length: 36029 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: freeapartmentcash.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 28 Oct 2015 20:31:29 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 5afa1f527fbf58fc42c7277e7c24be12=6gqv3h9cne6p7efcns1v0pgs85; path=/
GET / HTTP/1.1
Host: freeapartmentcash.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 28 Oct 2015 20:31:29 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 5afa1f527fbf58fc42c7277e7c24be12=6gqv3h9cne6p7efcns1v0pgs85; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: freeapartmentcash.com
Referer: http://www.google.com/search?q=freeapartmentcash.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: freeapartmentcash.com
Referer: http://www.google.com/search?q=freeapartmentcash.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=freeapartmentcash.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://freeapartmentcash.com/
Result: freeapartmentcash.com is not infected or malware details are not published yet.
Result: freeapartmentcash.com is not infected or malware details are not published yet.