Scanned pages/files
| Request | Server response | Status |
http://coworkingwuppertal.de/ | 200 OK Content-Length: 13746 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by w4l3XzY3 ...[3596 bytes skipped]... dren("img").attr("title"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").filter( function() { return /(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = 'Hacked by w4l3XzY3';</script><style>body {font-family: Comic Sans MS, cursive, sans-serif;background-color: #000000;color:white; text-shadow:0 0 60px black;font-size:20px;}</style><center><br /><br /><br /><br /><br /><br /><h1>Hacked by w4l3XzY3</h1><h2 style='color: white'>Hacked by w4l3XzY3</h2>Hmmmn</center><!--Hackeddddddddddddddddddddd, 'opacity': false, 'speedIn': , 'speedOut ...[11882 bytes skipped]... | ||
http://www.google.com/jsapi | 200 OK Content-Length: 24558 Content-Type: text/javascript | clean |
http://grmblfix.de/cowowu/wp-content/plugins/google-calendar-widget/date.js?ver=alpha-1 | 200 OK Content-Length: 28748 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/plugins/google-calendar-widget/wiky.js?ver=1.0 | 200 OK Content-Length: 19569 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/plugins/google-calendar-widget/ko-calendar.js?ver=3.3.1 | 200 OK Content-Length: 18284 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/jquery.jcarousel.min.js?ver=0.2.8 | 200 OK Content-Length: 15650 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/init_carousel.js?ver=1.0 | 200 OK Content-Length: 423 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15669 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/superfish/superfish.js?ver=1.4.8 | 200 OK Content-Length: 4428 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/superfish/supersubs.js?ver=1.4.8 | 200 OK Content-Length: 893 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/slideshow/jquery.nivo.slider.pack.js?ver=2.4 | 200 OK Content-Length: 15919 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/jquery.twitter.js?ver=1.5 | 200 OK Content-Length: 2089 Content-Type: application/x-javascript | clean |
http://grmblfix.de/cowowu/wp-content/themes/craft/scripts/theme_trust.js?ver=1.0 | 200 OK Content-Length: 493 Content-Type: application/x-javascript | clean |
http://coworkingwuppertal.de/test404page.js | 500 Internal Server Error Content-Length: 652 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: coworkingwuppertal.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Apr 2015 18:24:14 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://grmblfix.de/cowowu/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: coworkingwuppertal.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Apr 2015 18:24:14 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://grmblfix.de/cowowu/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: coworkingwuppertal.de
Referer: http://www.google.com/search?q=coworkingwuppertal.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: coworkingwuppertal.de
Referer: http://www.google.com/search?q=coworkingwuppertal.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=coworkingwuppertal.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://coworkingwuppertal.de/
Result: coworkingwuppertal.de is not infected or malware details are not published yet.
Result: coworkingwuppertal.de is not infected or malware details are not published yet.