Scanned pages/files
Request | Server response | Status |
http://balkanherald.ro/ | 200 OK Content-Length: 71766 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by Mr. Bangladesh ...[6565 bytes skipped]... ipt> </head> <body onload="oszlop('contentleft','l_sidebar','r_sidebar')"> <div id="navbar"> <img src="wp-content/themes/vertigo-enhanced-20/images/fejlec.jpg" alt="" border="0" usemap="#Map" /> </div> <div id="content"> <div id="contentleft"> <h1 class="HomeH1"><a href="http://balkanherald.transindex.ro/?p=287" rel="bookmark">hacked by Mr. Bangladesh</a></h1> <p class="BCim1">október 1, 2013, <i>galacko</i> | <a href="http://balkanherald.transindex.ro/?cat=16" title="Ãsszes bejegyzés a(z) Szolgáltatások (Jobb adni, mint kapni) kategóriában" rel="category">Szolgáltatások (Jobb adni, mint kapni)</a>, <a href="http://balkanherald.transindex.ro/?cat=5" title="Ãsszes bejegyzés a(z) Munkahely (Meló-dráma) kategóriában" rel="category">Munkahely (Meló-drà ...[77413 bytes skipped]... | ||
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 110249 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 170028 Content-Type: application/x-javascript | clean |
http://storage.trafic.ro/js/trafic.js | 200 OK Content-Length: 204 Content-Type: application/x-javascript | clean |
http://balkanherald.ro/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: balkanherald.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Jun 2015 13:20:00 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=15ef3o7qqghh17ga2gopv0str2; path=/
X-Pingback: http://balkanherald.transindex.ro/xmlrpc.php
GET / HTTP/1.1
Host: balkanherald.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Jun 2015 13:20:00 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=15ef3o7qqghh17ga2gopv0str2; path=/
X-Pingback: http://balkanherald.transindex.ro/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: balkanherald.ro
Referer: http://www.google.com/search?q=balkanherald.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: balkanherald.ro
Referer: http://www.google.com/search?q=balkanherald.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=balkanherald.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://balkanherald.ro/
Result: balkanherald.ro is not infected or malware details are not published yet.
Result: balkanherald.ro is not infected or malware details are not published yet.