Scanned pages/files
Request | Server response | Status |
http://mymarketing.ie/ | 200 OK Content-Length: 10914 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://api.ning.com:80/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf <iframe width="0" height="0" src="http://api.ning.com:80/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf" frameborder="0" allowfullscreen=""> Deface/Content modification. The following signature was found: Hacked by X Code Pagla ...[2976 bytes skipped]... <body bgcolor="#c2c2c2" data-twttr-rendered="true"><center><iframe width="0" height="0" src="http://api.ning.com:80/files/ofVqoMLbPfuBoUNFVLORxZro1wJ2VKOob51y2I4rWPY3ieOFG8tijKLcYCjU7NZRQOHUvKUq33FtgjNDsvPzt3Iwh3j6683A/ShopnoDekhanDin.swf" frameborder="0" allowfullscreen=""></iframe> <font color="black" face="Fixedsys"><big><h1><b>Hacked by X Code Pagla</b></big></h1><p><br> <img src="https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-xpa1/v/t1.0-9/q83/s720x720/1471395_300601716756306_2026628014_n.jpg?oh=b2a2ceeb0a30f2c6813b6859cb42bc11&oe=5483D5F4&__gda__=1421722063_aa980e7ecd60444486abada50e27f7d4"></p><p> <script language="JavaScript"> function tb5_makeArray(n){ this.length = n; ...[9589 bytes skipped]... | ||
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 110239 Content-Type: application/javascript | clean |
http://mymarketing.ie/test404page.js | 200 OK Content-Length: 10914 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://api.ning.com:80/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf <iframe width="0" height="0" src="http://api.ning.com:80/files/ofvqomlbpfubounfvlorxzro1wj2vkoob51y2i4rwpy3ieofg8tijklcycju7nzrqohuvkuq33ftgjndsvpzt3iwh3j6683a/shopnodekhandin.swf" frameborder="0" allowfullscreen=""> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mymarketing.ie
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Dec 2014 17:27:56 GMT
Server: Apache
Content-Length: 10914
Content-Type: text/html
X-Powered-By: PHP/5.3.28
...10914 bytes of data.
GET / HTTP/1.1
Host: mymarketing.ie
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Dec 2014 17:27:56 GMT
Server: Apache
Content-Length: 10914
Content-Type: text/html
X-Powered-By: PHP/5.3.28
...10914 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mymarketing.ie
Referer: http://www.google.com/search?q=mymarketing.ie
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mymarketing.ie
Referer: http://www.google.com/search?q=mymarketing.ie
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mymarketing.ie
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mymarketing.ie/
Result: mymarketing.ie is not infected or malware details are not published yet.
Result: mymarketing.ie is not infected or malware details are not published yet.