Scanned pages/files
Request | Server response | Status |
http://nightflyent.com/ | 200 OK Content-Length: 15239 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY B0oM L!BY4N T34M ...[214 bytes skipped]... 0M L!BY4N T34M [+]</a></div> <div style="display: none;"><a href="BO0M">[+] H4ck3d By BO0M L!BY4N T34M [+]</a></div> <script> //mouse //Circling text trail- Tim Tilton //Website: http://www.tempermedia.com/ //Visit http://www.dynamicdrive.com/ for this script and more function cursor_text_circle(){ // your message here var msg=' HACKED BY B0oM L!BY4N T34M '.split('').reverse().join(''); var font='Verdana,Arial'; var size=3; // up to seven var color='#ffffff'; // This is not the rotation speed, its the reaction speed, keep low! // Set this to 1 for just plain rotation w/out drag var speed=.3; // This is the rotation speed, set it negative if you want // it to spin clockwise var rotation=-.2; // Alter no variables past here!, unless you are good //------------------ ...[16912 bytes skipped]... | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://nightflyent.com/BO0M | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://nightflyent.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nightflyent.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Jul 2014 02:21:35 GMT
Server: nginx/1.6.0
Content-Type: text/html
GET / HTTP/1.1
Host: nightflyent.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 23 Jul 2014 02:21:35 GMT
Server: nginx/1.6.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: nightflyent.com
Referer: http://www.google.com/search?q=nightflyent.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nightflyent.com
Referer: http://www.google.com/search?q=nightflyent.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nightflyent.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nightflyent.com/
Result: nightflyent.com is not infected or malware details are not published yet.
Result: nightflyent.com is not infected or malware details are not published yet.