Scanned pages/files
Request | Server response | Status |
http://www.thetollywoodmovie.com/ | 200 OK Content-Length: 51595 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by AlfabetoVirtual ...[5323 bytes skipped]... itle"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = 'Hacked by AlfabetoVirtual';</script><style>body {font-family: Comic Sans MS, cursive, sans-serif;background-color: #000000;color:white; text-shadow:0 0 60px black;font-size:20px;}</style><center><br /><br /><br /><br /><br /><br /><h1>Hackeado por AlfabetoVirtual</h1><h2 style='color: white'>Hacked by AlfabetoVirtual</h2>#FREEBRAZIL #ANTICORRUPTION</center><!--Hackeddddddddddddddddddddd, 'opacity' ...[54492 bytes skipped]... | ||
http://www.thetollywoodmovie.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/themes/Sparc/lib/js/superfish.js?ver=3.5 | 200 OK Content-Length: 3714 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js?ver=3.5 | 200 OK Content-Length: 10220 Content-Type: text/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/plugins/facebook-page-promoter-lightbox/scs/scs.js?ver=3.5 | 200 OK Content-Length: 29013 Content-Type: application/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/plugins/facebook-page-promoter-lightbox/js/launch.js?ver=3.5 | 200 OK Content-Length: 1814 Content-Type: application/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/themes/Sparc/includes/featuredposts/scripts/jquery.cycle.all.js | 200 OK Content-Length: 51300 Content-Type: application/javascript | clean |
http://dreamydonkey.googlepages.com/scrolling_blogger_posts.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 21 Dec 2015 19:47:37 GMT Location: http://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js Server: ghs Content-Length: 265 Content-Type: text/html; charset=UTF-8 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 21 Dec 2015 19:47:37 GMT Accept-Ranges: none Location: https://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 21 Dec 2015 19:47:37 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, no-store, max-age=0, must-revalidate Connection: close Date: Mon, 21 Dec 2015 19:47:37 GMT Pragma: no-cache Accept-Ranges: none Location: https://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js?attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Fri, 01 Jan 1990 00:00:00 GMT Last-Modified: Tue, 02 Mar 2010 17:32:36 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Robots-Tag: noarchive X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/dreamydonkey/scrolling_blogger_posts.js?attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 21 Dec 2015 19:47:38 GMT Accept-Ranges: none Location: https://4f987417-a-62cb3a1a-s-sites.googlegroups.com/site/dreamydonkey/scrolling_blogger_posts.js?attachauth=ANoY7cq0xlBSWRB-E4SQUphI14rQowwS9rqAZkf8Hs_howja0i-K_hPqzS-snvwBFD_MJCffdE2N4164HQtADW1gUvuh6kdNFrTv2Vxjhn3ueXMvQwRYCPgDnwfNnaDwRhmUvNfMsaFUKwWaSJWq7i8GpBXahmqvChkurFlZni8WW6eqfWMrd-VJWEgh1jQ-od1Q10h4vuTwrYQgj50D1_BD8h5XpW-AJxSPBWifJa34uQRTWUFc-Ho%3D&attredirects=0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 21 Dec 2015 19:47:38 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://4f987417-a-62cb3a1a-s-sites.googlegroups.com/site/dreamydonkey/scrolling_blogger_posts.js?attachauth=anoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqgj50d1_bd8h5xpw-ajxspbwifja34uqrtwufc-ho%3d&attredirects=0 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 21 Dec 2015 19:47:38 GMT Accept-Ranges: none Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://4f987417-a-62cb3a1a-s-sites.googlegroups.com/site/dreamydonkey/scrolling_blogger_posts.js?attachauth%3Danoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqgj50d1_bd8h5xpw-ajxspbwifja34uqrtwufc-ho%253D%26attredirects%3D0&followup=https://4f987417-a-62cb3a1a-s-sites.googlegroups.com/site/dreamydonkey/scrolling_blogger_posts.js?attachauth%3Danoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqgj50d1_bd8h5xpw-ajxspbwifja34uqrtwufc-ho%253D%26attredirects%3D0 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 21 Dec 2015 19:47:38 GMT Alt-Svc: quic=":443"; ma=604800; v="30,29,28,27,26,25" Alternate-Protocol: 443:quic,p=1 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://4f987417-a-62cb3a1a-s-sites.googlegroups.com/site/dreamydonkey/scrolling_blogger_posts.js?attachauth%3danoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqg ...455 symbols skipped | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0 Connection: close Date: Mon, 21 Dec 2015 19:47:38 GMT Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2F4f987417-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fdreamydonkey%2Fscrolling_blogger_posts.js%3Fattachauth%3Danoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqgj50d1_bd8h5xpw-ajxspbwifja34uqrtwufc-ho%253d%26attredirects%3D0&followup=https%3A%2F%2F4f987417-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fdreamydonkey%2Fscrolling_blogger_posts.js%3Fattachauth%3Danoy7cq0xlbswrb-e4squphi14rqowws9rqazkf8hs_howja0i-k_hpqzs-snvwbfd_mjcffde2n4164hqtadw1guvuh6kdnfrtv2vxjhn3uexmvqwrycpgdnwfnnadwrhmuvnfmsafukwwasjwq7i8gpbxahmqvchkurflzni8ww6eqfwmrd-vjwegh1jq-od1q10h4vutwryqgj50d1_bd8h5xpw-ajxspbwifja34uqrtwufc-ho%253d%26attredirects%3D0 Server: GSE Content-Length: 1062 Content-Type: text/html; charset=UTF-8 Expires: Mon, 21 Dec 2015 19:47:38 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.google.com/test404page.js | 404 Not Found Content-Length: 1575 Content-Type: text/html | clean |
http://www.google.com//www.google.com/ | 404 Not Found Content-Length: 1576 Content-Type: text/html | clean |
http://www.thetollywoodmovie.com//feeds/posts/default?alt=json-in-script&callback=RecentPostsScrollerv2/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 21 Dec 2015 19:47:39 GMT Pragma: no-cache Location: http://www.thetollywoodmovie.com/feeds/posts/default?alt=json-in-script&callback=RecentPostsScrollerv2/ Server: nginx/1.8.0 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.thetollywoodmovie.com/xmlrpc.php | clean |
http://www.thetollywoodmovie.com/feeds/posts/default?alt=json-in-script&callback=recentpostsscrollerv2/ | 404 Not Found Content-Length: 26222 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 27376 Content-Type: text/javascript | clean |
http://www.thetollywoodmovie.com/wp-includes/js/hoverIntent.min.js?ver=r6 | 200 OK Content-Length: 996 Content-Type: application/javascript | clean |
http://www.thetollywoodmovie.com/wp-content/plugins/simply-poll/script/simplypoll.js?ver=1.4.1 | 200 OK Content-Length: 1884 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201552 | 200 OK Content-Length: 10372 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thetollywoodmovie.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: thetollywoodmovie.com
Referer: http://www.google.com/search?q=thetollywoodmovie.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thetollywoodmovie.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thetollywoodmovie.com/
Result: thetollywoodmovie.com is not infected or malware details are not published yet.