Scanned pages/files
Request | Server response | Status |
http://jobnews.co.id/ | 200 OK Content-Length: 3248 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ./MrJ ...[1928 bytes skipped]... '); font-weight: normal; font-style: normal; } h1 { font-family:'Conv_HACKED_Title',Sans-Serif; color:#ffffff; } </style> <div style="text-shadow: 0px 0px 5px Red;"/> <center/> <br> <br> <br> <br> <br> <font color="Blue" face="resident evil" size="10"/>Hacked by ./MrJ</font> <h1><font color="Blue"/>Hacked Lol</h1> <center/> <font face="Orbtron" size="6" color="red">We Are Garuda Cyber Attacker<font face="tahoma" size="5" color="red">!</font><marquee behavior="alternate" scrollamount="10" width="60%"><font color="blue" face="Orbitron" size="4">r00_c0d3r - Cyber.DC - ./MrJ - 4DN1N_YK - BOT _FUK4 - Byte-007 - Magelang6etar - xml98 - cpanel404 - Mr. ...[1048 bytes skipped]... | ||
http://jobnews.co.id/test404page.js | 404 Not Found Content-Length: 389 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jobnews.co.id
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Connection: close
Date: Wed, 22 Oct 2014 12:20:31 GMT
Accept-Ranges: bytes
ETag: "cb0-50600470b8040"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 3248
Content-Type: text/html
Expires: Fri, 21 Nov 2014 12:20:31 GMT
Last-Modified: Wed, 22 Oct 2014 10:19:05 GMT
...3248 bytes of data.
GET / HTTP/1.1
Host: jobnews.co.id
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Connection: close
Date: Wed, 22 Oct 2014 12:20:31 GMT
Accept-Ranges: bytes
ETag: "cb0-50600470b8040"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 3248
Content-Type: text/html
Expires: Fri, 21 Nov 2014 12:20:31 GMT
Last-Modified: Wed, 22 Oct 2014 10:19:05 GMT
...3248 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jobnews.co.id
Referer: http://www.google.com/search?q=jobnews.co.id
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jobnews.co.id
Referer: http://www.google.com/search?q=jobnews.co.id
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jobnews.co.id
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jobnews.co.id/
Result: jobnews.co.id is not infected or malware details are not published yet.
Result: jobnews.co.id is not infected or malware details are not published yet.