Scanned pages/files
| Request | Server response | Status |
http://physiciannotes.com/ | 200 OK Content-Length: 6582 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Indonesian Security Tester ...[2373 bytes skipped]... oplay=1&volume=125" name="FlashVars"/></object> <title>[#] Family IST [#] </title> <link href="http://i.imgur.com/8iIL1Cx.png" rel="shortcut icon" type="image/x-icon" /> <meta content='IST' name='copyright'/> <meta content='IST' name='author'/> <meta name="robots" content="index, follow"> <meta name="keywords" content="Hacked By Indonesian Security Tester "> <meta name="description" content="Hacked By Indonesian Security Tester "> <meta name="author" content=" Indonesian Security Tester"> <meta name="googlebot" content="index, follow"> <meta name="rating" content="general"> <meta name="copyright" content=".Indonesian Security Tester @ 2014. All rights reserved."> <meta name="language" content="en"> <meta name="web_content_type" content="Pe ...[4402 bytes skipped]... | ||
http://golikedoit.com/snow.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://golikedoit.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: physiciannotes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 01 Nov 2014 12:10:30 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 1808b66b479457fed063f4d8a3f1aa0b=g716hoqb9h24gmrui100mbpq31; path=/
GET / HTTP/1.1
Host: physiciannotes.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 01 Nov 2014 12:10:30 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 1808b66b479457fed063f4d8a3f1aa0b=g716hoqb9h24gmrui100mbpq31; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: physiciannotes.com
Referer: http://www.google.com/search?q=physiciannotes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: physiciannotes.com
Referer: http://www.google.com/search?q=physiciannotes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=physiciannotes.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://physiciannotes.com/
Result: physiciannotes.com is not infected or malware details are not published yet.
Result: physiciannotes.com is not infected or malware details are not published yet.