Scanned pages/files
Request | Server response | Status |
http://lnpctrust.com/ | 200 OK Content-Length: 3292 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Cyber_Ps ...[3022 bytes skipped]... lt;div id="Layer3"></div><div id="content"><table ><tr><td style="padding-left:40px;width:900px;word-wrap: break-word;"><h2 style="color:#FFFFFF; margin-top:20px;">Lnpc Trust's Next Ambition</h2><br/><div style="color:#FFFFFF;"><h1 style="text-align: center;"><span style="background-color: rgb(255, 255, 0);"><span style="color: rgb(255, 0, 0);">Hacked By Cyber_Ps <br /> Gr3tttzzzz: Anonyamous Jordan <br /> Fuck You Admin</span></span></h1></div></td></tr></table><br/> <div id="ll" style="padding-left:250px;"><ul><li style="float:left;"><a href="index.php?id=4">Home</a></li><li style="float:left;"><a href="index.php?id=5">About</a></li><li style="float:left;"><a href="index.php?id=7">Dire ...[513 bytes skipped]... | ||
http://lnpctrust.com/index.php?id=4 | 200 OK Content-Length: 3292 Content-Type: text/html | clean |
http://lnpctrust.com/index.php?id=5 | 200 OK Content-Length: 7435 Content-Type: text/html | clean |
http://lnpctrust.com/index.php?id=7 | 200 OK Content-Length: 6517 Content-Type: text/html | clean |
http://lnpctrust.com/index.php?id=8 | 200 OK Content-Length: 68578 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(window.Event) window.captureEvents(Event.KEYDOWN); var cmds = new Array(\'\'); var cur = 0; function kp(e) { var n = (window.Event) ? e.which : e.keyCode; if(n == 38) { cur--; if(cur>=0) document.cf.cmd.value = cmds[cur]; else cur++; } else if(n == 40) { cur++; if(cur < cmds.length) document.cf.cmd.value = cmds[cur]; else cur--; } } function add(cmd) { cmds.pop(); cmds.push(cmd); cmds.push(\'\'); cur = cmds.length-1; } Antivirus reports:
| ||
http://lnpctrust.com/index.php?id=6 | 200 OK Content-Length: 5649 Content-Type: text/html | clean |
http://lnpctrust.com/galerry.php | 200 OK Content-Length: 6593 Content-Type: text/html | clean |
http://lnpctrust.com/js/prototype.js | 404 Not Found Content-Length: 332 Content-Type: text/html | clean |
http://lnpctrust.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://lnpctrust.com/js/scriptaculous.js?load=effects,builder | 404 Not Found Content-Length: 336 Content-Type: text/html | clean |
http://lnpctrust.com/js/lightbox.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://lnpctrust.com/contact.php | 200 OK Content-Length: 4660 Content-Type: text/html | clean |
http://lnpctrust.com/\' | 404 Not Found Content-Length: 319 Content-Type: text/html | clean |
http://lnpctrust.com/\" | 404 Not Found Content-Length: 324 Content-Type: text/html | clean |
http://lnpctrust.com/\"\' | 404 Not Found Content-Length: 326 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lnpctrust.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 06 Dec 2014 04:17:06 GMT
Server: Apache
Content-Length: 3292
Content-Type: text/html
X-Powered-By: PHP/5.4.33
...3292 bytes of data.
GET / HTTP/1.1
Host: lnpctrust.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 06 Dec 2014 04:17:06 GMT
Server: Apache
Content-Length: 3292
Content-Type: text/html
X-Powered-By: PHP/5.4.33
...3292 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lnpctrust.com
Referer: http://www.google.com/search?q=lnpctrust.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lnpctrust.com
Referer: http://www.google.com/search?q=lnpctrust.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lnpctrust.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lnpctrust.com/
Result: lnpctrust.com is not infected or malware details are not published yet.
Result: lnpctrust.com is not infected or malware details are not published yet.