Scanned pages/files
| Request | Server response | Status |
http://derekjoel.com/ | 200 OK Content-Length: 10818 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Website Hacked by <!DOCTYPE html> <html> <head> <title>Cyb3R Sw0rD</title> <link rel="SHORTCUT ICON" href="http://i.imgur.com/nxweGKQ.png" type="image/gif"> <meta charset="UTF-8"> <meta name="Author" content="Bl4cK_C0d3R"/> <meta name="copyright" content="Cyb3R Sw0rD"/> <meta name="description" content="Website Hacked by "Bl4cK_C0d3R-Th3 B055"."/> <link href='http://fonts.googleapis.com/css?family=Iceland:400,700' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Iceland:400,700' rel='stylesheet' type='text/css'> <meta property="og:image" content=""> <iframe width="1" height="1" src="https://www.youtube.com/v/40DT4CEY0HY&autoplay=1" frameborder="0" allowfullscre ...[12660 bytes skipped]... | ||
http://code.jquery.com/jquery.min.js | 200 OK Content-Length: 95821 Content-Type: application/javascript | clean |
http://derekjoel.com/test404page.js | 404 Not Found Content-Length: 5737 Content-Type: text/html | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201548 | 200 OK Content-Length: 9885 Content-Type: application/x-javascript | clean |
http://derekjoel.com/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 863 Content-Type: application/javascript | clean |
http://derekjoel.com/sample-page/ | 200 OK Content-Length: 8871 Content-Type: text/html | clean |
http://derekjoel.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 25 Nov 2015 07:10:31 GMT Pragma: no-cache Location: http://derekjoel.com/wp-login.php?redirect_to=http%3A%2F%2Fderekjoel.com%2Fwp-admin%2F&reauth=1 Server: Apache Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT Strict-Transport-Security: max-age=63072000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-Powered-By: PHP/5.4.42 | clean |
http://derekjoel.com/wp-login.php?redirect_to=http%3a%2f%2fderekjoel.com%2fwp-admin%2f&reauth=1 | 200 OK Content-Length: 2697 Content-Type: text/html | clean |
http://derekjoel.com/wp-login.php?action=lostpassword | 200 OK Content-Length: 2348 Content-Type: text/html | clean |
http://derekjoel.com/wp-login.php | 200 OK Content-Length: 2697 Content-Type: text/html | clean |
http://derekjoel.com/2015/11/22/hello-world/ | 200 OK Content-Length: 12110 Content-Type: text/html | clean |
http://derekjoel.com/wp-includes/js/comment-reply.min.js?ver=4.3.1 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://derekjoel.com/category/uncategorized/ | 404 Not Found Content-Length: 5737 Content-Type: text/html | clean |
http://derekjoel.com/author/admin/ | 200 OK Content-Length: 8826 Content-Type: text/html | clean |
http://derekjoel.com/2015/11/ | 200 OK Content-Length: 8518 Content-Type: text/html | clean |
http://derekjoel.com/feed/ | 200 OK Content-Length: 1646 Content-Type: application/rss+xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: derekjoel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Nov 2015 07:10:27 GMT
Server: Apache
Content-Length: 10818
Content-Type: text/html
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.4.42
...10818 bytes of data.
GET / HTTP/1.1
Host: derekjoel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Nov 2015 07:10:27 GMT
Server: Apache
Content-Length: 10818
Content-Type: text/html
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/5.4.42
...10818 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: derekjoel.com
Referer: http://www.google.com/search?q=derekjoel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: derekjoel.com
Referer: http://www.google.com/search?q=derekjoel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=derekjoel.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://derekjoel.com/
Result: derekjoel.com is not infected or malware details are not published yet.
Result: derekjoel.com is not infected or malware details are not published yet.