Scanned pages/files
| Request | Server response | Status |
http://arpia.ro/ | 200 OK Content-Length: 34754 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY SyR!4N M43STR0 ...[26642 bytes skipped]... .value = '';}" onblur="if (this.value == '') {this.value = 'Search...';}" /> <input type="submit" id="search-but" name="search-but" value=""/> </form></div> <div class="sidebar-widget widget_recent_entries"> <div class="sidebar-header"><h4>STIRI / NOUTATI</h4></div> <ul> <li><a href="http://arpia.ro/hacked-by-syr4n-m43str0/" title="HACKED BY SyR!4N M43STR0">HACKED BY SyR!4N M43STR0</a></li> <li><a href="http://arpia.ro/raport-de-activitate-2011-2014/" title="Mesajul Presedintelui ARPIA cu prilejul sarbatoririi Zilei Aviatiei Romane 2014">Mesajul Presedintelui ARPIA cu prilejul sarbatoririi Zilei Aviatiei Romane 2014</a></li> <li><a href="http://arpia.ro/statut-arpia/" title="STATUT ARPIA">STATUT ARPIA</a></li> <li><a href="htt ...[12138 bytes skipped]... | ||
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jquery-1.4.3.min.js | 200 OK Content-Length: 77746 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js | 200 OK Content-Length: 200719 Content-Type: text/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jquery.nivo.slider.pack.js | 200 OK Content-Length: 9278 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1609 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jquery.prettyPhoto.js | 200 OK Content-Length: 21240 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/cufon/cufon-yui.js | 200 OK Content-Length: 18259 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/cufon/Titillium_600.font.js | 200 OK Content-Length: 72026 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jfunctions.js | 200 OK Content-Length: 22115 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/flowplayer/flowplayer-3.2.4.min.js | 200 OK Content-Length: 15723 Content-Type: application/javascript | clean |
http://arpia.ro/wp-includes/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 10220 Content-Type: application/javascript | clean |
http://arpia.ro/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/plugins/counterize/counterize.js.php?ver=3.3.1 | 200 OK Content-Length: 11282 Content-Type: text/javascript | clean |
http://arpia.ro/wp-content/themes/thedawn/lib/scripts/jfooterfunctions.js | 200 OK Content-Length: 1508 Content-Type: application/javascript | clean |
http://arpia.ro/wp-content/plugins/simple-contact-form-revisited-plugin/assets/js/jquery.tools.min.js?ver=1.2.5 | 200 OK Content-Length: 18950 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: arpia.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 11 Mar 2015 14:52:11 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8cb0badd8c07eeb7450bacdacf67e938; path=/
X-Cache: HIT from Backend
X-Pingback: http://arpia.ro/xmlrpc.php
X-Powered-By: PHP/5.4.38
GET / HTTP/1.1
Host: arpia.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 11 Mar 2015 14:52:11 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8cb0badd8c07eeb7450bacdacf67e938; path=/
X-Cache: HIT from Backend
X-Pingback: http://arpia.ro/xmlrpc.php
X-Powered-By: PHP/5.4.38
Second query (visit from search engine):
GET / HTTP/1.1
Host: arpia.ro
Referer: http://www.google.com/search?q=arpia.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: arpia.ro
Referer: http://www.google.com/search?q=arpia.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=arpia.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://arpia.ro/
Result: arpia.ro is not infected or malware details are not published yet.
Result: arpia.ro is not infected or malware details are not published yet.