Scanned pages/files
Request | Server response | Status |
http://cusdev.com/ | 200 OK Content-Length: 872 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY 4Z15 <center><body style=background-color:black;><br><br><br><br><br><br><font color=red face=Courier New>HACKED BY 4Z15</font><br><br><br><font color=white face=Courier New>GREETZ :</font><br><font color=orange face=Courier New>=|= nasionalisme.407 =|= Sayap Hitam =|= ./RkeNz_007 =|= Payung_Teduh =|= Mr.Optimuz_r00t =|= ./Zonkk =|= ./KLEMEZ =|= +++AZZATSSIN'S+++ =|= ./Jaka_Attacker =|= Kuro_Dot_ID =|= Hwin7 =|= ./Cincong_Attacker =|= ./007Warlord =|= ./DPS_404 =|= Roxor404 =|= Mr.chucky =|= Pemimpi726 ...[435 bytes skipped]... | ||
http://cusdev.com/test404page.js | 404 Not Found Content-Length: 34128 Content-Type: text/html | clean |
http://cusdev.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://cusdev.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/themes/enfold/js/avia-compat.js?ver=1 | 200 OK Content-Length: 748 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/themes/enfold/config-woocommerce/woocommerce-mod.js?ver=1 | 200 OK Content-Length: 4536 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/themes/enfold/js/avia.js?ver=1 | 200 OK Content-Length: 73438 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/themes/enfold/js/shortcodes.js?ver=1 | 200 OK Content-Length: 68998 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/themes/enfold/js/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.5 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
http://cusdev.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.13.0 | 200 OK Content-Length: 71025 Content-Type: application/javascript | clean |
http://cusdev.com/wp-includes/js/mediaelement/wp-mediaelement.js?ver=3.7.11 | 200 OK Content-Length: 431 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.0.18 | 200 OK Content-Length: 2076 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.60 | 200 OK Content-Length: 9260 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/plugins/woocommerce/assets/js/jquery-placeholder/jquery.placeholder.min.js?ver=2.0.18 | 200 OK Content-Length: 2263 Content-Type: application/javascript | clean |
http://cusdev.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=2.0.18 | 200 OK Content-Length: 2710 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cusdev.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 29 Sep 2015 06:06:29 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 872
Content-Type: text/html
Last-Modified: Thu, 25 Jun 2015 21:08:20 GMT
...872 bytes of data.
GET / HTTP/1.1
Host: cusdev.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 29 Sep 2015 06:06:29 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 872
Content-Type: text/html
Last-Modified: Thu, 25 Jun 2015 21:08:20 GMT
...872 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cusdev.com
Referer: http://www.google.com/search?q=cusdev.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cusdev.com
Referer: http://www.google.com/search?q=cusdev.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cusdev.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cusdev.com/
Result: cusdev.com is not infected or malware details are not published yet.
Result: cusdev.com is not infected or malware details are not published yet.