Scanned pages/files
| Request | Server response | Status |
http://pusatobat-priaperkasa.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 22:33:04 GMT Location: http://www.pusatobat-priaperkasa.com/ Server: ghs Content-Length: 234 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.pusatobat-priaperkasa.com/ | 200 OK Content-Length: 75412 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: * Drag and Drop Script Hacked By.kadam ...[23444 bytes skipped]... atic; } --></style> <link href='http://1.bp.blogspot.com/_-_vdEj2kkjo/TTNIAh8WW3I/AAAAAAAAAD0/trnlWggmGR8/s1600/i_reddit_sm.png' rel='SHORTCUT ICON'/> <style type='text/css'> .drag{ position:relative; cursor:hand; z-index: 100; } </style> <script type='text/javascript'> /*********************************************** * Drag and Drop Script Hacked By.kadam ***********************************************/ var dragobject={ z: 0, x: 0, y: 0, offsetx : null, offsety : null, targetobj : null, dragapproved : 0, initialize:function(){ document.onmousedown=this.drag document.onmouseup=function(){this.dragapproved=0} }, drag:function(e){ var evtobj=window.event? window.event : e this.targetobj=window.event? event.srcElement : e.target if (this.targetobj.className=="drag") ...[65899 bytes skipped]... | ||
http://rizqi.moehamed.googlepages.com/read-moreotomatis.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 22:33:05 GMT Location: http://sites.google.com/site/rizqimoehamed/read-moreotomatis.js Server: ghs Content-Length: 260 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://sites.google.com/site/rizqimoehamed/read-moreotomatis.js | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Thu, 03 Apr 2014 22:33:05 GMT Location: https://sites.google.com/site/rizqimoehamed/read-moreotomatis.js Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Thu, 03 Apr 2014 22:33:05 GMT Alternate-Protocol: 80:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/rizqimoehamed/read-moreotomatis.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Thu, 03 Apr 2014 22:33:05 GMT Pragma: no-cache ETag: "1267575865675" Location: https://sites.google.com/site/rizqimoehamed/read-moreotomatis.js?attredirects=0 Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Wed, 03 Mar 2010 00:24:25 GMT X-Content-Type-Options: nosniff X-Robots-Tag: noarchive X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/rizqimoehamed/read-moreotomatis.js?attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Thu, 03 Apr 2014 22:33:06 GMT Location: https://2299df1a-a-62cb3a1a-s-sites.googlegroups.com/site/rizqimoehamed/read-moreotomatis.js?attachauth=ANoY7coqw9FMaVcwc42mjyxMLYeg7l2gHQJg6jKbn6y-2wnNOe0mXdN_7QupoUOd6J4_bDBy_VEPsseusNqb7bxdOC59SJ5_hHQzHQwyhYl99QSjo2b7J8QToiYjAIN4sRgHO0qeTtuz4bYzcfVd9XvLmbmEnL3eFP0sYwYSoBXG6knFLQsYeiQLdR_YPdg2iJqUWgoeOBYH8VE_hMaLLRVEH5h8Hf-m8OP4IU-Ii31mU-ijZdPlAKk%3D&attredirects=0 Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Thu, 03 Apr 2014 22:33:06 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://2299df1a-a-62cb3a1a-s-sites.googlegroups.com/site/rizqimoehamed/read-moreotomatis.js?attachauth=anoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmallrveh5h8hf-m8op4iu-ii31mu-ijzdplakk%3d&attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Thu, 03 Apr 2014 22:33:06 GMT Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://2299df1a-a-62cb3a1a-s-sites.googlegroups.com/site/rizqimoehamed/read-moreotomatis.js?attachauth%3Danoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmallrveh5h8hf-m8op4iu-ii31mu-ijzdplakk%253D%26attredirects%3D0&followup=https://2299df1a-a-62cb3a1a-s-sites.googlegroups.com/site/rizqimoehamed/read-moreotomatis.js?attachauth%3Danoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmallrveh5h8hf-m8op4iu-ii31mu-ijzdplakk%253D%26attredirects%3D0 Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Thu, 03 Apr 2014 22:33:06 GMT Alternate-Protocol: 443:quic X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://2299df1a-a-62cb3a1a-s-sites.googlegroups.com/site/rizqimoehamed/read-moreotomatis.js?attachauth%3danoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmall <span>...445 symbols skipped</span> | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0 Connection: close Date: Thu, 03 Apr 2014 22:33:06 GMT Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2F2299df1a-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Frizqimoehamed%2Fread-moreotomatis.js%3Fattachauth%3Danoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmallrveh5h8hf-m8op4iu-ii31mu-ijzdplakk%253d%26attredirects%3D0&followup=https%3A%2F%2F2299df1a-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Frizqimoehamed%2Fread-moreotomatis.js%3Fattachauth%3Danoy7coqw9fmavcwc42mjyxmlyeg7l2ghqjg6jkbn6y-2wnnoe0mxdn_7qupouod6j4_bdby_vepsseusnqb7bxdoc59sj5_hhqzhqwyhyl99qsjo2b7j8qtoiyjain4srgho0qettuz4byzcfvd9xvlmbmenl3efp0sywysobxg6knflqsyeiqldr_ypdg2ijquwgoeobyh8ve_hmallrveh5h8hf-m8op4iu-ii31mu-ijzdplakk%253d%26attredirects%3D0 Server: GSE Content-Length: 1052 Content-Type: text/html; charset=UTF-8 Expires: Thu, 03 Apr 2014 22:33:06 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
http://www.google.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.google.com//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 11629 Content-Type: application/javascript | clean |
http://pusatobat-priaperkasa.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 03 Apr 2014 22:33:07 GMT Location: http://www.pusatobat-priaperkasa.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ Server: ghs Content-Length: 309 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.pusatobat-priaperkasa.com//translate.google.com/translate_a/element.js?cb=googletranslateelementinit/ | 404 Not Found Content-Length: 47630 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 47630 Content-Type: text/html | clean |
https://www.blogger.com/static/v1/widgets/3882746423-widgets.js | 200 OK Content-Length: 89296 Content-Type: text/javascript | clean |
http://www.pusatobat-priaperkasa.com/search/label/Produk%20Kosmetik | 200 OK Content-Length: 85341 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com/search/label/Obat%20Kesehatan%20Herbal | 200 OK Content-Length: 81732 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com/search/label/Obat%20Kuat%20Pria | 200 OK Content-Length: 92209 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com/search/label/Kondom%20Silikon | 200 OK Content-Length: 58699 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com/search/label/Ring%20Silikon | 200 OK Content-Length: 56364 Content-Type: text/html | clean |
http://www.pusatobat-priaperkasa.com/search/label/Alat%20Bantu%20Pria | 200 OK Content-Length: 67152 Content-Type: text/html | clean |
https://www.blogger.com/static/v1/widgets/3788961956-widgets.js | 200 OK Content-Length: 89269 Content-Type: text/javascript | clean |
http://www.pusatobat-priaperkasa.com/search/label/Alat%20Bantu%20Wanita | 200 OK Content-Length: 67518 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pusatobat-priaperkasa.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 03 Apr 2014 22:33:04 GMT
Location: http://www.pusatobat-priaperkasa.com/
Server: ghs
Content-Length: 234
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...234 bytes of data.
GET / HTTP/1.1
Host: pusatobat-priaperkasa.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 03 Apr 2014 22:33:04 GMT
Location: http://www.pusatobat-priaperkasa.com/
Server: ghs
Content-Length: 234
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
...234 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: pusatobat-priaperkasa.com
Referer: http://www.google.com/search?q=pusatobat-priaperkasa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pusatobat-priaperkasa.com
Referer: http://www.google.com/search?q=pusatobat-priaperkasa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pusatobat-priaperkasa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pusatobat-priaperkasa.com/
Result: pusatobat-priaperkasa.com is not infected or malware details are not published yet.
Result: pusatobat-priaperkasa.com is not infected or malware details are not published yet.