Scanned pages/files
Request | Server response | Status |
http://peibol.es/ | 200 OK Content-Length: 1261 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: .:: Hacked By : T3RMiNaL ...[279 bytes skipped]... ursor: no-drop; onkeydown=" return="" false;'="" oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;" bgcolor="black"><center> <body background="http://www.uploadtak.com/images/h5427_bg.jpg" bgcolor="black"> <meta http-equiv="Content-Language" content="fa" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>.:: Hacked By : T3RMiNaL </title> <link href='http://auriol.free.fr/Images/drapeau-maroc.gif' rel='shortcut icon'/> <img src="http://www6.0zz0.com/2012/11/29/23/159175321.png"></p> <img src="http://www6.0zz0.com/2013/10/11/14/847218533.jpg"></p> <font size="10" face="Times New Roman"><font color="red">TERMINAL COMMAND<br> <font size="5" face="Times New Roman"><font color="Green">MoRoCCaiN HacKeR<br> ...[357 bytes skipped]... | ||
http://peibol.es/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: peibol.es
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 05 Jul 2014 06:21:10 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 05 Jul 2014 06:21:11 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: e2cde16525d81f2a3259ccf146f9d665=30d82104d780dfc55ef9084b0c13a834; path=/; HttpOnly
X-Powered-By: PHP/5.5.14
Second query (visit from search engine):
GET / HTTP/1.1
Host: peibol.es
Referer: http://www.google.com/search?q=peibol.es
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=peibol.es
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://peibol.es/
Result: peibol.es is not infected or malware details are not published yet.