Scanned pages/files
Request | Server response | Status |
http://lolumo.com/ | 200 OK Content-Length: 7903 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ayyıldız tim <html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <link rel="SHORTCUT ICON" href="http://g1302.hizliresim.com/16/1/jmynp.png"> <title>Hacked By Ayyıldız tim</title> <style type="text/css"> body { background-image: url("http://d1303.hizliresim.com/17/k/l52pm.gif"); background-repeat: repeat; } body,td,th { color: #FFF; } </style> <style type="text/css" media="all"> #text-shadow-box { position: fixed; left: 0; right: 0; top: 0; bottom: 0; width: 100%; height: 100%; ...[9280 bytes skipped]... | ||
http://hbhost.googlecode.com/files/snow.js | 404 Not Found Content-Length: 1438 Content-Type: text/html | clean |
http://hbhost.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://hbhost.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.sis-kj.com/js/3.js | 404 Not Found Content-Length: 476 Content-Type: text/html | clean |
http://arifinsarpon.googlecode.com/files/mujijayaganesha.blogspot.com_cursor_merah.js | 403 Forbidden Content-Length: 2187 Content-Type: text/html | clean |
http://arifinsarpon.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://lolumo.com//www.google.com/ | 404 Component not found Content-Length: 1390 Content-Type: text/html | clean |
http://lolumo.com/index.php | 200 OK Content-Length: 7903 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lolumo.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 09 Jul 2014 02:56:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 09 Jul 2014 02:56:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8e58f526237521e07db7347d436525c1=d3v84ku5153bt4cjdth0utm6g5; path=/
X-Powered-By: PHP/5.4.4-14+deb7u11
GET / HTTP/1.1
Host: lolumo.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Wed, 09 Jul 2014 02:56:13 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Wed, 09 Jul 2014 02:56:13 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8e58f526237521e07db7347d436525c1=d3v84ku5153bt4cjdth0utm6g5; path=/
X-Powered-By: PHP/5.4.4-14+deb7u11
Second query (visit from search engine):
GET / HTTP/1.1
Host: lolumo.com
Referer: http://www.google.com/search?q=lolumo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lolumo.com
Referer: http://www.google.com/search?q=lolumo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lolumo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lolumo.com/
Result: lolumo.com is not infected or malware details are not published yet.
Result: lolumo.com is not infected or malware details are not published yet.