Scanned pages/files
Request | Server response | Status |
http://plaloma.com/ | 200 OK Content-Length: 38476 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY LULZSEC SABAH ...[25561 bytes skipped]... moz-linear-gradient(top, #fae2e2, #f2cacb); filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fae2e2', endColorstr='#f2cacb'); color: #be4741; text-shadow: 0 1px 0 #fff;" > <marquee ONMOUSEOVER = stop(); ONMOUSEOUT = start(); SCROLLAMOUNT ="3"> <font size="3"> <p>HACKED BY LULZSEC SABAH</p> <p> </p> <p><a href="https://www.facebook.com/groups/Lulzsec.Sabah/"><img alt="" src="https://fbcdn-sphotos-a-a.akamaihd.net/hphotos-ak-xfa1/t1.0-9/10420242_290951811080702_3311194814943158985_n.jpg" style="height:357px; width:583px" /></a></p> <p> </p> <p> </p> ...[20087 bytes skipped]... | ||
http://plaloma.com/./fancybox/lib/jquery-1.8.2.min.js | 200 OK Content-Length: 93435 Content-Type: application/x-javascript | clean |
http://plaloma.com/js/jquery.jcarousel.pack.js | 200 OK Content-Length: 8882 Content-Type: application/x-javascript | clean |
http://plaloma.com/js/jquery-func.js | 200 OK Content-Length: 1037 Content-Type: application/x-javascript | clean |
http://plaloma.com/./menu/tree_frog_slide/stuHover.js | 200 OK Content-Length: 929 Content-Type: application/x-javascript | clean |
http://plaloma.com/./fancybox/lib/jquery.mousewheel-3.0.6.pack.js | 200 OK Content-Length: 1384 Content-Type: application/x-javascript | clean |
http://plaloma.com/./fancybox/source/jquery.fancybox.js?v=2.1.3 | 200 OK Content-Length: 50048 Content-Type: application/x-javascript | clean |
http://plaloma.com/./fancybox/source/helpers/jquery.fancybox-buttons.js?v=1.0.5 | 200 OK Content-Length: 3003 Content-Type: application/x-javascript | clean |
http://plaloma.com/./fancybox/source/helpers/jquery.fancybox-thumbs.js?v=1.0.7 | 200 OK Content-Length: 3836 Content-Type: application/x-javascript | clean |
http://plaloma.com/./fancybox/source/helpers/jquery.fancybox-media.js?v=1.0.5 | 200 OK Content-Length: 5169 Content-Type: application/x-javascript | clean |
http://plaloma.com/./ | 200 OK Content-Length: 38476 Content-Type: text/html | clean |
http://plaloma.com/././fancybox/lib/jquery-1.8.2.min.js | 200 OK Content-Length: 51901 Content-Type: application/x-javascript | clean |
http://plaloma.com/./js/jquery.jcarousel.pack.js | 200 OK Content-Length: 8882 Content-Type: application/x-javascript | clean |
http://plaloma.com/./js/jquery-func.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://plaloma.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: plaloma.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Jun 2014 15:35:06 GMT
Server: nginx/1.2.1
Content-Type: text/html
X-Powered-By: PHP/5.4.4-14+deb7u9
Second query (visit from search engine):
GET / HTTP/1.1
Host: plaloma.com
Referer: http://www.google.com/search?q=plaloma.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plaloma.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://plaloma.com/
Result: plaloma.com is not infected or malware details are not published yet.