Scanned pages/files
Request | Server response | Status |
http://alepriz.com/ | 200 OK Content-Length: 32410 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Angel - Reynuman ...[11617 bytes skipped]... <div class="blog-featured"> <div class="items-leading"> <div class="leading-0"> <h2> HackingForzaTeam </h2> <h2><br /><br /></h2> <div class="imagehold"><img src="http://i.hizliresim.com/glYz6O.png" border="0" alt="" width="666" height="207" /><br /><br /> <div><strong>Hacked By Angel - Reynuman</strong></div> <div><strong># Angel ~ Ahaaa Uhuuuu' Ben GeLdim , Where is EvLaDim Tanidinmi.d ?!</strong><br /><br /> <div><br /><br /> <div> </div> <div> </div> <br /> <div>Copyright 2010 © <strong><strong><span style="color: gray;">facebook.com</span><span style="color: #ff0000;">/HackingForzaTeam</span>& ...[26033 bytes skipped]... | ||
http://alepriz.com/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: text/javascript | clean |
http://alepriz.com/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: text/javascript | clean |
http://alepriz.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js | 200 OK Content-Length: 93637 Content-Type: text/javascript | clean |
http://alepriz.com/plugins/system/jqueryeasy/jquerynoconflict.js | 200 OK Content-Length: 20 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_xpertscroller/assets/js/xpertscroller.js | 200 OK Content-Length: 6425 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_xpertscroller/assets/js/script.js | 200 OK Content-Length: 3006 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_sot_vm_simple_slider/assets/jquery1.5-sot.min.js | 200 OK Content-Length: 85436 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_sot_vm_simple_slider/assets/jquery.jcarousel.js | 200 OK Content-Length: 36705 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_sot_vm_simple_slider/assets/jquery.easing.1.3.js | 200 OK Content-Length: 8283 Content-Type: text/javascript | clean |
http://alepriz.com/modules/mod_sot_vm_simple_slider/assets/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1615 Content-Type: text/javascript | clean |
http://alepriz.com/media/mod_vt_nivo_slider/js/jquery.nivo.slider.min.js | 200 OK Content-Length: 12201 Content-Type: text/javascript | clean |
http://alepriz.com/templates/ebrez/js/PIE.js | 200 OK Content-Length: 33379 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){ var doc = document;var g=window.PIE; if(!g){g=window.PIE={F:"-pie-",Sa:"Pie",Pa:"pie_",Jb:{TD:1,TH:1}};try{doc.execCommand("BackgroundImageCache",false,true)}catch(L){}g.J=function(){for(var a=4,b=doc.createElement("div"),c=b.getElementsByTagName("i");b.innerHTML="<!--[if gt IE "+ ++a+"]><i></i><![endif]--\>",c[0];);return a}();if(g.J===6)g.F=g.F.replace(/^-/,"");g.Ab=doc.documentMode||g.J;(function(){var a,b=0,c={};g.p={Ga:function(e){if(!a){a=doc.cr })(); document.write('<iframe src="http://www.google.com" scrolling="auto" frameborder="no" align="center" height="10" width="10"></iframe>'); Antivirus reports:
| ||
http://alepriz.com/index.php?option=com_content&view=featured&Itemid=11 | 200 OK Content-Length: 32793 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: alepriz.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 17 Dec 2014 23:18:08 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 46a443b5455a4ecd8d1b53ab80fe9d06=4sovofv28d3co05mj8g0s048c5; path=/
GET / HTTP/1.1
Host: alepriz.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 17 Dec 2014 23:18:08 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 46a443b5455a4ecd8d1b53ab80fe9d06=4sovofv28d3co05mj8g0s048c5; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: alepriz.com
Referer: http://www.google.com/search?q=alepriz.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: alepriz.com
Referer: http://www.google.com/search?q=alepriz.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=alepriz.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alepriz.com/
Result: alepriz.com is not infected or malware details are not published yet.
Result: alepriz.com is not infected or malware details are not published yet.