Scanned pages/files
| Request | Server response | Status |
http://weirdsciencemarketing.com/ | 200 OK Content-Length: 10873 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.dievantile.com/2010/06/darkness-awakening <iframe width="0" height="0" scrolling="no" frameborder="no" src="http://www.dievantile.com/2010/06/darkness-awakening"> Deface/Content modification. The following signature was found: Hacked By Xyb3r D3vil ...[7310 bytes skipped]... ct,50); }; init.act.toString = function(){ return globalName+'.act()'; }; init.toString = function(){ while(global[globalName])globalName += globalName; global[globalName] = this; return globalName+'()'; }; for(var c = numberOfStars;c--;){ starHTML[1] = c; document.write(starHTML.join('')); } setTimeout(init, 200); })(); </script> <span class="style24"> <title>Hacked By Xyb3r D3vil</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <meta http-equiv="Content-Language" content="en-us"> <body bgcolor="black" lang="EN-US" style="tab-interval:36.0pt; text-align:center" text="red"> <p align="center" dir="ltr"><font size="7" color="Red" face="broadway">[!] Hacked By Xyb3r D3vil - PakXploiters</font></p> <center><img src='http://i.imgur.com/Z1XwQ3d.png'></center& ...[3784 bytes skipped]... | ||
http://weirdsciencemarketing.com//go.pub2srv.com/apu.php?zoneid=16780/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 13 Nov 2015 21:05:29 GMT Pragma: no-cache Location: http://weirdsciencemarketing.com/go.pub2srv.com/apu.php?zoneid=16780/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://weirdsciencemarketing.com/xmlrpc.php X-Powered-By: PHP/5.4.44 | clean |
http://weirdsciencemarketing.com/go.pub2srv.com/apu.php?zoneid=16780/ | 404 Not Found Content-Length: 19781 Content-Type: text/html | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/jquery.color.min.js?ver=2.1.1 | 200 OK Content-Length: 9295 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.10.4 | 200 OK Content-Length: 2841 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.slider.min.js?ver=1.10.4 | 200 OK Content-Length: 10244 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.10.4 | 200 OK Content-Length: 8366 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.10.4 | 200 OK Content-Length: 24110 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.draggable.min.js?ver=1.10.4 | 200 OK Content-Length: 18559 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 35806 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-content/plugins/profit_builder/js/jquery.prettyphoto.js?ver=3.1.5 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
http://weirdsciencemarketing.com/wp-content/plugins/profit_builder/js/idangerous.swiper.js?ver=2.5 | 200 OK Content-Length: 103540 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: weirdsciencemarketing.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 13 Nov 2015 21:05:28 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 10873
Content-Type: text/html
Last-Modified: Wed, 02 Sep 2015 17:59:01 GMT
...10873 bytes of data.
GET / HTTP/1.1
Host: weirdsciencemarketing.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 13 Nov 2015 21:05:28 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 10873
Content-Type: text/html
Last-Modified: Wed, 02 Sep 2015 17:59:01 GMT
...10873 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: weirdsciencemarketing.com
Referer: http://www.google.com/search?q=weirdsciencemarketing.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: weirdsciencemarketing.com
Referer: http://www.google.com/search?q=weirdsciencemarketing.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=weirdsciencemarketing.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://weirdsciencemarketing.com/
Result: weirdsciencemarketing.com is not infected or malware details are not published yet.
Result: weirdsciencemarketing.com is not infected or malware details are not published yet.