Scanned pages/files
Request | Server response | Status |
http://oemwicker.com/ | 200 OK Content-Length: 11126 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: [Hacked By PBG-SecurityDown] ...[2893 bytes skipped]... 5_speed; k = tb5_arr[n]; tb5_sts[k] = tb5_messages[tb5_currMsg].charAt(k); tb5_stsmsg = ""; for (var i=0; i<tb5_sts.length; i++) tb5_stsmsg += tb5_sts[i]; document.title = tb5_stsmsg; n++; } tb5_timerID = setTimeout("tb5_init("+n+")", tb5_sp); } function tb5_randomizetitle(){ tb5_init(0); } tb5_randomizetitle(); </script> <title>[Hacked By PBG-SecurityDown]</title> <object data='http://flash-mp3-player.net/medias/player_mp3.swf' height='0' type='application/x-shockwave-flash' width='0'> <param name='FlashVars' value='mp3=http://ook.weebly.com/uploads/4/6/5/2/465268/kiss_the_rain.mp3&loop=1&autoplay=1&volume=120'/></object> <style type="text/css"> .style { font-family: Orbitron; font-size: 30px; < ...[10530 bytes skipped]... | ||
http://masterendi.googlecode.com/files/salju.js | 200 OK Content-Length: 3302 Content-Type: text/plain | clean |
http://masterendi.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://masterendi.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://www.alanz.tk/js/typewriter.js | HTTP/1.1 203 Non-Authoritative Information Cache-Control: no-cache Connection: close Date: Tue, 27 May 2014 11:34:12 GMT Pragma: no-cache Server: nginx Content-Type: text/html;charset=UTF-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=aIssaug02VZc; path=/ X-Server: napapoatafu.ams.taloha.net | clean |
http://domain.dot.tk/p/?d=alanz.tk&i=78.158.11.226&c=370&ro=0&ref=unknown&_=1401190452301 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 27 May 2014 11:34:12 GMT Location: http://freedomains4all.tk/?&_=1401190453 Server: Apache/1.3.41 (Unix) mod_perl/1.30 Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1 | clean |
http://freedomains4all.tk/?&_=1401190453 | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: oemwicker.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 May 2014 11:34:11 GMT
Server: nginx/1.6.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: oemwicker.com
Referer: http://www.google.com/search?q=oemwicker.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=oemwicker.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://oemwicker.com/
Result: oemwicker.com is not infected or malware details are not published yet.