Scanned pages/files
Request | Server response | Status |
http://mongoltextile.com/ | 200 OK Content-Length: 7903 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ayyıldız tim <html><head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <link rel="SHORTCUT ICON" href="http://g1302.hizliresim.com/16/1/jmynp.png"> <title>Hacked By Ayyıldız tim</title> <style type="text/css"> body { background-image: url("http://d1303.hizliresim.com/17/k/l52pm.gif"); background-repeat: repeat; } body,td,th { color: #FFF; } </style> <style type="text/css" media="all"> #text-shadow-box { position: fixed; left: 0; right: 0; top: 0; bottom: 0; width: 100%; height: 100%; ...[9280 bytes skipped]... | ||
http://hbhost.googlecode.com/files/snow.js | 404 Not Found Content-Length: 1438 Content-Type: text/html | clean |
http://hbhost.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://hbhost.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.sis-kj.com/js/3.js | 404 Not Found Content-Length: 476 Content-Type: text/html | clean |
http://arifinsarpon.googlecode.com/files/mujijayaganesha.blogspot.com_cursor_merah.js | 403 Forbidden Content-Length: 2187 Content-Type: text/html | clean |
http://arifinsarpon.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://mongoltextile.com//www.google.com/ | 404 Component not found Content-Length: 1390 Content-Type: text/html | clean |
http://mongoltextile.com/index.php | 200 OK Content-Length: 7903 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mongoltextile.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 08 Jun 2014 01:42:04 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 08 Jun 2014 01:42:04 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ea2c6ce6ac5465e484a990d22002c10f=db156ddefc6ed3fd80a798c426ab7517; path=/
Set-Cookie: lang=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: mongoltextile.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 08 Jun 2014 01:42:04 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 08 Jun 2014 01:42:04 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ea2c6ce6ac5465e484a990d22002c10f=db156ddefc6ed3fd80a798c426ab7517; path=/
Set-Cookie: lang=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Sat, 08-Jun-2013 01:42:03 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: mongoltextile.com
Referer: http://www.google.com/search?q=mongoltextile.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mongoltextile.com
Referer: http://www.google.com/search?q=mongoltextile.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mongoltextile.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mongoltextile.com/
Result: mongoltextile.com is not infected or malware details are not published yet.
Result: mongoltextile.com is not infected or malware details are not published yet.