Scanned pages/files
| Request | Server response | Status |
http://reallywildzannimals.com/ | 200 OK Content-Length: 4680 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Your Security Has Been Hacked by dEnny ...[537 bytes skipped]... /><script src="http://masterendi.googlecode.com/files/salju.js"></script> <body background="http://i1050.photobucket.com/albums/s414/BL4CK_3YE116/kilat1-1_zps2ae6671b.gif" <script language="javascript" src="http://www.netdisaster.com/js/mynd.js"></script <head> <meta http-equiv="Content-Type" content="text/HTML; charset=utf-8" /> <meta content='Your Security Has Been Hacked by dEnny ' name='description'/> <meta content='Hijacked By dEnny_Attacker , dEnny , Hacked By dEnny_Attacker' name='keywords'/> <meta content='Hijacked By dEnny_Attacker !' name='Abstract'/> <meta name="Hacked By" content="dEnny_Attacker" /> <link rel="SHORTCUT ICON" href="http://dc707.4shared.com/img/suwPk2zDce/s3/144cf3a7270/INCEF_copy.jpg"> <script> function tb8_makeArray(n){ this.length = n ...[4067 bytes skipped]... | ||
http://masterendi.googlecode.com/files/salju.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://masterendi.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://masterendi.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://reallywildzannimals.com//www.google.com/ | 404 Article not found Content-Length: 1400 Content-Type: text/html | clean |
http://reallywildzannimals.com/index.php | 200 OK Content-Length: 4680 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: reallywildzannimals.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 25 Jun 2015 15:44:01 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 65d4a833fbb1f74108528c325203f5a5=599kqkvh19mtj4a3gu1nv3ssg0; path=/
GET / HTTP/1.1
Host: reallywildzannimals.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 25 Jun 2015 15:44:01 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 65d4a833fbb1f74108528c325203f5a5=599kqkvh19mtj4a3gu1nv3ssg0; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: reallywildzannimals.com
Referer: http://www.google.com/search?q=reallywildzannimals.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: reallywildzannimals.com
Referer: http://www.google.com/search?q=reallywildzannimals.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=reallywildzannimals.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://reallywildzannimals.com/
Result: reallywildzannimals.com is not infected or malware details are not published yet.
Result: reallywildzannimals.com is not infected or malware details are not published yet.