Scanned pages/files
Request | Server response | Status |
http://txxsolar.com/ | 200 OK Content-Length: 5109 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !--hacked by b3yaz-- <!--hacked by b3yaz-->
<!--hacked by White-Shadow--> <!--izinsiz kodlari alma serefsiz--> <script type="text/javascript"></center></div> <script type="text/javascript"></script> <style>/*Kod Dostu Cursor START*/ body, a:hover, h2, h1, table, td, div, p, img{cursor: url(http://cur.cursors-4u.net/cursors/cur-8/cur756.cur), ...[5867 bytes skipped]... | ||
http://www.codarena.net78.net/jquery-1.4.3.min.js | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Feb 2015 07:38:07 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://error404.000webhost.com/? | 200 OK Content-Length: 17596 Content-Type: text/html | clean |
http://creative.xtendmedia.com/matomy/cf/ply/ply.js?pubid=50792397&mid=c51681034&wid=c51531274&popup=1&popunder=1&size=320x480&pop_times=2&pop_frequency=3600&mm_delay=0&mm_back_delay=300&numOfTimes=3&duration=1&period=24hour&close=1&openNewTab=true | 200 OK Content-Length: 2880 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19495 Content-Type: text/javascript | clean |
http://www.codarena.net78.net/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Feb 2015 07:38:08 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://error404.000webhost.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Feb 2015 07:38:03 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.codarena.net78.net/jquery-1.3.4.min.js | HTTP/1.1 302 Found Connection: close Date: Tue, 10 Feb 2015 07:38:09 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: txxsolar.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 10 Feb 2015 07:42:29 GMT
Accept-Ranges: bytes
ETag: "f36013-13f5-4ffbf0bffea00"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 5109
Content-Type: text/html
Last-Modified: Sun, 03 Aug 2014 19:58:32 GMT
...5109 bytes of data.
GET / HTTP/1.1
Host: txxsolar.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 10 Feb 2015 07:42:29 GMT
Accept-Ranges: bytes
ETag: "f36013-13f5-4ffbf0bffea00"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 5109
Content-Type: text/html
Last-Modified: Sun, 03 Aug 2014 19:58:32 GMT
...5109 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: txxsolar.com
Referer: http://www.google.com/search?q=txxsolar.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: txxsolar.com
Referer: http://www.google.com/search?q=txxsolar.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=txxsolar.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://txxsolar.com/
Result: txxsolar.com is not infected or malware details are not published yet.
Result: txxsolar.com is not infected or malware details are not published yet.