Scanned pages/files
Request | Server response | Status |
http://skesuperkarts.com/ | 200 OK Content-Length: 156107 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Kosova Warriors Group ...[986 bytes skipped]... k rel="File-List" href="Copy%20of%20test_files/filelist.xml"> <link rel="Edit-Time-Data" href="Copy%20of%20test_files/editdata.mso"> <!--[if !mso]> <style> v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} </style> <![endif]--> <title>Hacked by Kosova Warriors Group </title> <!--[if gte mso 9]><xml> <o:DocumentProperties> <o:Author>Flori</o:Author> <o:Template>Normal</o:Template> <o:LastAuthor>Flori</o:LastAuthor> <o:Revision>4</o:Revision> <o:TotalTime>24</o:TotalTime> <o:Created>2015-01-18T14:02:00Z</o:Created> <o:LastSaved>2015-01-18T15:08:00Z</o:LastSaved> ...[197793 bytes skipped]... | ||
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.usV2oYlSD1g.O/m=iframes_styles_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPTyc-2fHEZ3Xn5nCaraI0DCTykCw/t=zcms/cb=gapi.loaded_1 | 200 OK Content-Length: 50159 Content-Type: text/javascript | clean |
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en.usV2oYlSD1g.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPTyc-2fHEZ3Xn5nCaraI0DCTykCw/t=zcms/cb=gapi.loaded_0 | 200 OK Content-Length: 113512 Content-Type: text/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12850 Content-Type: application/javascript | clean |
http://skesuperkarts.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: skesuperkarts.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 22 Feb 2015 06:41:12 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: skesuperkarts.com
Referer: http://www.google.com/search?q=skesuperkarts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=skesuperkarts.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://skesuperkarts.com/
Result: skesuperkarts.com is not infected or malware details are not published yet.