Scanned pages/files
| Request | Server response | Status |
http://pensionen-badkissingen.de/ | 200 OK Content-Length: 54163 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Mr. Xenophobic ...[2423 bytes skipped]... t; <script> (function() { var html5 = ("abbr,article,aside,audio,canvas,datalist,details," + "figure,footer,header,hgroup,mark,menu,meter,nav,output," + "progress,section,time,video").split(','); for (var i = 0; i < html5.length; i++) { document.createElement(html5[i]); } try { document.execCommand('BackgroundImageCache', false, true); } catch(e) {} })(); </script> <![endif]--> <title>Hacked By Mr. Xenophobic</title> <link type='text/css' rel='stylesheet' href='//www.blogger.com/static/v1/widgets/1519970877-widget_css_bundle.css' /> <style id='page-skin-1' type='text/css'><!-- /* ------------------------------------------------------------- Thanks For Our Source Code :* Enjoy My Simple Blog -------------------------------------------------------------- */ /*---HTML RESET---*/ html, body, div, span, object, iframe, ...[56526 bytes skipped]... | ||
http://www.febriancyber.com/js/jquery-1.6.4.min.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/test404page.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/cufon-yui.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/Yanone_Kaffeesatz_400-700.font.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.prettyPhoto.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.form.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.ufvalidator-1.0.5.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.easing.1.3.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.mousewheel.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.jscrollpane.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.progression.1.3.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/jquery.text-effects.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.febriancyber.com/js/custom.js | 500 Can't connect to www.febriancyber.com:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://pensionen-badkissingen.de//www.blogger.com/static/v1/widgets/3934819169-widgets.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 20 Aug 2014 21:30:32 GMT Pragma: no-cache Location: http://pensionen-badkissingen.de/www.blogger.com/static/v1/widgets/3934819169-widgets.js/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 20 Aug 2014 21:30:33 GMT Set-Cookie: PHPSESSID=8aa7ad27798db6c4291b7b8033182555; path=/ X-Pingback: http://www.xn--kissfhrer-u9a.de/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://pensionen-badkissingen.de/www.blogger.com/static/v1/widgets/3934819169-widgets.js/ | 404 Not Found Content-Length: 13606 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pensionen-badkissingen.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 21:30:31 GMT
Accept-Ranges: bytes
ETag: "c8aef777-d393-4dcb07d5df41d"
Server: Apache
Content-Length: 54163
Content-Type: text/html
Last-Modified: Tue, 14 May 2013 16:54:42 GMT
...54163 bytes of data.
GET / HTTP/1.1
Host: pensionen-badkissingen.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 20 Aug 2014 21:30:31 GMT
Accept-Ranges: bytes
ETag: "c8aef777-d393-4dcb07d5df41d"
Server: Apache
Content-Length: 54163
Content-Type: text/html
Last-Modified: Tue, 14 May 2013 16:54:42 GMT
...54163 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: pensionen-badkissingen.de
Referer: http://www.google.com/search?q=pensionen-badkissingen.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pensionen-badkissingen.de
Referer: http://www.google.com/search?q=pensionen-badkissingen.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pensionen-badkissingen.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pensionen-badkissingen.de/
Result: pensionen-badkissingen.de is not infected or malware details are not published yet.
Result: pensionen-badkissingen.de is not infected or malware details are not published yet.