Scanned pages/files
| Request | Server response | Status |
http://petronesia.co.id/ | 200 OK Content-Length: 40844 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Moroccan Hassan ...[11139 bytes skipped]... ===============================++++=======================================]--> <!--]:* MKD TEAM :* [--> <!--] Moroccan Kingdom contact www.facebook.com/moroccankingdom024 [--> <!--[===================================++++=======================================]--> <script src="http://masterendi.googlecode.com/files/salju.js"></script> <h1 style="text-align: center;">Hacked By Moroccan Hassan</h1> <!-- body {background:black; color:#FFFFFF; text-decoration:none; font-family:Concert One; font-size:16px;} img {opacity:0.5;} img:hover {opacity:1;} a {text-decoration:none; color:#FFFFFF;} a:hover {text-decoration:none; color:#666666;} --> <h1 style="text-align: center;"><strong><span style="font-family: monotype corsiva; color: white;"><span lang="fr">Hacked By</span> </span><span style="font-family: ...[35377 bytes skipped]... | ||
http://petronesia.co.id/media/system/js/caption.js | 200 OK Content-Length: 2150 Content-Type: text/javascript | clean |
http://petronesia.co.id/modules/mod_rokslideshow/tmpl/rokslideshow.js | 200 OK Content-Length: 7925 Content-Type: text/javascript | clean |
http://petronesia.co.id/modules/mod_bannerslider/tmpl/mod_bannerslider.js | 200 OK Content-Length: 4897 Content-Type: text/javascript | clean |
http://petronesia.co.id/modules/mod_hxdmoomenu/assets/js/hxdmoomenu.js | 200 OK Content-Length: 1891 Content-Type: text/javascript | clean |
http://petronesia.co.id/modules/mod_hxdmoomenu/assets/js/mootools.bgiframe.js | 200 OK Content-Length: 964 Content-Type: text/javascript | clean |
http://masterendi.googlecode.com/files/salju.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://masterendi.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://masterendi.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.1/jquery.min.js | 200 OK Content-Length: 70843 Content-Type: text/javascript | clean |
http://petronesia.co.id//www.google.com/ | 404 Component not found Content-Length: 1390 Content-Type: text/html | clean |
http://petronesia.co.id/index.php | 200 OK Content-Length: 40853 Content-Type: text/html | clean |
http://petronesia.co.id/menu-company.html | 200 OK Content-Length: 12344 Content-Type: text/html | clean |
http://petronesia.co.id/menu-company/submenu-history.html | 200 OK Content-Length: 12367 Content-Type: text/html | clean |
http://petronesia.co.id/menu-company/submenu-vision-and-mission.html | 200 OK Content-Length: 8632 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: petronesia.co.id
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 20 Jan 2015 18:10:04 GMT
Pragma: no-cache
Server: Apache/2.4.10 (azmanage) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
Vary: Host,Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 20 Jan 2015 18:10:05 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d5994bb33655c8668973ae368c138398=d1133781d4b9cec28245f9308d6f2340; path=/
X-Powered-By: PHP/4.4.9
GET / HTTP/1.1
Host: petronesia.co.id
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 20 Jan 2015 18:10:04 GMT
Pragma: no-cache
Server: Apache/2.4.10 (azmanage) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
Vary: Host,Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 20 Jan 2015 18:10:05 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d5994bb33655c8668973ae368c138398=d1133781d4b9cec28245f9308d6f2340; path=/
X-Powered-By: PHP/4.4.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: petronesia.co.id
Referer: http://www.google.com/search?q=petronesia.co.id
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: petronesia.co.id
Referer: http://www.google.com/search?q=petronesia.co.id
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=petronesia.co.id
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://petronesia.co.id/
Result: petronesia.co.id is not infected or malware details are not published yet.
Result: petronesia.co.id is not infected or malware details are not published yet.