Scanned pages/files
Request | Server response | Status |
http://tv-press.eu/ | 200 OK Content-Length: 7939 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by silo by by mc_katliam (KURDISH hackers)...! ...[8290 bytes skipped]... else top2 += num3 * -1; if(Math.floor(top2) != -1) document.getElementById(target).style.top = Math.floor(top2); document.getElementById(target).style.top = Math.floor(top2 + 1); setTimeout("fly3('"+target+"',"+lef2+","+num2+","+top2+","+num3+")",50) } } stfly() </SCRIPT> <BODY oncontextmenu="return false;" bgColor=black onunload="alert('hacked by silo by by mc_katliam (KURDISH hackers)...!');" text=#00ff00 vLink=#ff0000 aLink=#00ffff link=#ffff00 bgColor=#000000 onload=writetext();> <embed type="application/x-shockwave-flash" src="http://www.youtube.com/v/GbsfinvpuSU&autoplay=1" width="0" height="0" style="" id="swf_u028099_13" name="swf_u028099_13" bgcolor="#FFFFFF" quality="high" scale="scale" allowfullscreen="true" allowscriptaccess="never" salign="tl" wmode="opaque" fla ...[59 bytes skipped]... | ||
http://tv-press.eu/test404page.js | 200 OK Content-Length: 1363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tv-press.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Nov 2015 03:26:28 GMT
ETag: "500e5cf1-1f03-50e61e33cb486"
Server: Apache
Vary: Accept-Encoding
Content-Length: 7939
Content-Type: text/html
Last-Modified: Fri, 06 Feb 2015 02:07:50 GMT
X-Handling: relax
X-UD-Host: webspace.udag.de
X-UD-Loopcounter: 3
X-UD-Method: urlhiding
X-UD-REMOTE_ADDR: 78.158.11.226
X-UD-Target: http://tveu.t-press.de/
...7939 bytes of data.
GET / HTTP/1.1
Host: tv-press.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Nov 2015 03:26:28 GMT
ETag: "500e5cf1-1f03-50e61e33cb486"
Server: Apache
Vary: Accept-Encoding
Content-Length: 7939
Content-Type: text/html
Last-Modified: Fri, 06 Feb 2015 02:07:50 GMT
X-Handling: relax
X-UD-Host: webspace.udag.de
X-UD-Loopcounter: 3
X-UD-Method: urlhiding
X-UD-REMOTE_ADDR: 78.158.11.226
X-UD-Target: http://tveu.t-press.de/
...7939 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tv-press.eu
Referer: http://www.google.com/search?q=tv-press.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tv-press.eu
Referer: http://www.google.com/search?q=tv-press.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tv-press.eu
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tv-press.eu/
Result: tv-press.eu is not infected or malware details are not published yet.
Result: tv-press.eu is not infected or malware details are not published yet.