Scanned pages/files
| Request | Server response | Status |
http://tswmagazine.com/ | 200 OK Content-Length: 10947 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By No Name Cyber Team <html>
<head> <title>Hacked By No Name Cyber Team</title> <LINK rel="SHORTCUT ICON" href="http://llwproductions.files.wordpress.com/2012/02/anonymous.png"> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta name="keywords" content=" Hacked by No Name Cyber Team , NNC Team ,"/> <meta name="keywords" content=" Hacked By NNC-Team , Owned ...[12398 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js?ver=1.3.2 | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://id1337.5gbfree.com/js/snow1.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://id1337.5gbfree.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://id1337.5gbfree.com/js/snow2.js | 200 OK Content-Length: 3312 Content-Type: application/javascript | clean |
http://id1337.5gbfree.com/js/snow_3.js | 200 OK Content-Length: 3165 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://jqueryrotate.googlecode.com/svn/trunk/jQueryRotate.js | 200 OK Content-Length: 13892 Content-Type: text/plain | clean |
http://www.p0wersurge.com/js/jquery-css-transform.js | 200 OK Content-Length: 4109 Content-Type: text/javascript | clean |
http://www.p0wersurge.com/js/rotate3Di.js | 200 OK Content-Length: 5389 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tswmagazine.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 12 Jun 2014 19:36:05 GMT
Accept-Ranges: bytes
ETag: "13181ed-2ac3-4f6ae48163540"
Server: nginx admin
Vary: Accept-Encoding
Content-Length: 10947
Content-Type: text/html
Last-Modified: Thu, 10 Apr 2014 11:11:41 GMT
X-Cache: HIT from Backend
...10947 bytes of data.
GET / HTTP/1.1
Host: tswmagazine.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 12 Jun 2014 19:36:05 GMT
Accept-Ranges: bytes
ETag: "13181ed-2ac3-4f6ae48163540"
Server: nginx admin
Vary: Accept-Encoding
Content-Length: 10947
Content-Type: text/html
Last-Modified: Thu, 10 Apr 2014 11:11:41 GMT
X-Cache: HIT from Backend
...10947 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tswmagazine.com
Referer: http://www.google.com/search?q=tswmagazine.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tswmagazine.com
Referer: http://www.google.com/search?q=tswmagazine.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tswmagazine.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tswmagazine.com/
Result: tswmagazine.com is not infected or malware details are not published yet.
Result: tswmagazine.com is not infected or malware details are not published yet.