Scanned pages/files
Request | Server response | Status |
http://afrikarise.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Wed, 11 Mar 2015 19:56:09 GMT Location: http://www.afrikarise.de/ Server: Apache/2.2.29 (Unix) Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 25 Mar 2015 19:56:09 GMT | clean |
http://www.afrikarise.de/ | 200 OK Content-Length: 92972 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Islamic State ...[6165 bytes skipped]... title"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = "Hacked by Islamic State";</script><html><head><style>body{background-color: black; color: transparent}</style></head><body><center><h1 style="color: red">Hacked by Islamic State</h1><img src="data:image/jpeg;base64,iVBORw0KGgoAAAANSUhEUgAAAkQAAAFFCAYAAAANVPJiAAAgAElEQVR4nOydeZwUxfn/Pz3Xzt677L3LwsJy34dBUBQRPAAVETFi1GC8Qcnvi+IRLxJjNPEiEr/eRmJExUSTeEWjSFQSEL4qKpfLci2wCCyw9+5c9fuD1KSmpqqnZ3ZhZp3n/XrVq2f6qHqqu7rq009VVxsAGAiCIAiCIJIYW7wN ...[92038 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://www.afrikarise.de/wp-content/themes/afrikarise/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 11561 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/themes/afrikarise/js/superfish.js | 200 OK Content-Length: 3836 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/themes/afrikarise/js/hoverIntent.minified.js | 200 OK Content-Length: 1609 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/themes/afrikarise/js/paypal.min.js | 200 OK Content-Length: 13508 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 17771 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-content/plugins/sitepress-multilingual-cms/res/js/sitepress.js | 200 OK Content-Length: 994 Content-Type: application/javascript | clean |
http://www.graphicmail.de/new/js/TopUp/TopUpJS/top_up-min.js | 200 OK Content-Length: 78067 Content-Type: application/x-javascript | clean |
http://www.afrikarise.de/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://www.afrikarise.de/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 35806 Content-Type: application/javascript | clean |
http://afrikarise.com/news | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=1209600 Connection: close Date: Wed, 11 Mar 2015 19:56:14 GMT Location: http://www.afrikarise.de/news Server: Apache/2.2.29 (Unix) Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 25 Mar 2015 19:56:14 GMT | clean |
http://www.afrikarise.de/news | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 11 Mar 2015 19:56:14 GMT Location: http://www.afrikarise.de/news/ Server: Apache/2.2.29 (Unix) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: _icl_current_language=de; expires=Thu, 12-Mar-2015 19:56:15 GMT; path=/ X-Pingback: http://www.afrikarise.de/xmlrpc.php X-Powered-By: PHP/5.3.29 | clean |
http://www.afrikarise.de/news/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 11 Mar 2015 19:56:15 GMT Location: /ar-news/category/ar-news/ Server: Apache/2.2.29 (Unix) Content-Type: text/html; charset=UTF-8 Link: <http://www.afrikarise.de/?p=636>; rel=shortlink Set-Cookie: _icl_current_language=de; expires=Thu, 12-Mar-2015 19:56:15 GMT; path=/ Set-Cookie: PHPSESSID=aq8v4smhf0ih1mh5kll06ubu45; path=/ X-Pingback: http://www.afrikarise.de/xmlrpc.php X-Powered-By: PHP/5.3.29 | clean |
http://www.afrikarise.de/ar-news/category/ar-news/ | 200 OK Content-Length: 93093 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: afrikarise.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=1209600
Connection: close
Date: Wed, 11 Mar 2015 19:56:09 GMT
Location: http://www.afrikarise.de/
Server: Apache/2.2.29 (Unix)
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Expires: Wed, 25 Mar 2015 19:56:09 GMT
...233 bytes of data.
GET / HTTP/1.1
Host: afrikarise.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=1209600
Connection: close
Date: Wed, 11 Mar 2015 19:56:09 GMT
Location: http://www.afrikarise.de/
Server: Apache/2.2.29 (Unix)
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Expires: Wed, 25 Mar 2015 19:56:09 GMT
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: afrikarise.com
Referer: http://www.google.com/search?q=afrikarise.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: afrikarise.com
Referer: http://www.google.com/search?q=afrikarise.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=afrikarise.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://afrikarise.com/
Result: afrikarise.com is not infected or malware details are not published yet.
Result: afrikarise.com is not infected or malware details are not published yet.