Scanned pages/files
Request | Server response | Status |
http://mydes.co/ | 200 OK Content-Length: 4458 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by [IN]SecInjection <html>
<script> var rev = "fwd"; function titlebar(val) { var msg = "Hacked by [IN]SecInjection"; var res = " "; var speed = 100; var pos = val; msg = " !~ "+msg+" ~!"; var le = msg.length; if(rev == "fwd"){ if(pos < le){ pos = pos+1; scroll = msg.substr(0,pos); document.title = scroll; timer = window.setTimeout("titlebar("+pos+")",speed); } else{ rev = "bwd"; timer = window.setTimeout("titlebar("+pos+")",speed) ...[4711 bytes skipped]... | ||
http://mydes.co/irc.lc/anonnet | 404 Not Found Content-Length: 4418 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js | 200 OK Content-Length: 92629 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js | 200 OK Content-Length: 200104 Content-Type: text/javascript | clean |
http://mydes.co/test404page.js | 404 Not Found Content-Length: 4418 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mydes.co
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 07 May 2014 02:34:21 GMT
Accept-Ranges: bytes
ETag: "116a-4f88b0510a834"
Server: Apache
Vary: Accept-Encoding
Content-Length: 4458
Content-Type: text/html
Last-Modified: Sun, 04 May 2014 03:57:55 GMT
X-Pad: avoid browser bug
...4458 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mydes.co
Referer: http://www.google.com/search?q=mydes.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mydes.co
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mydes.co/
Result: mydes.co is not infected or malware details are not published yet.