Scanned pages/files
Request | Server response | Status |
http://geardrops.com/ | 200 OK Content-Length: 24373 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By /.BROPRINCESSWAP* Please Click Here ...[13466 bytes skipped]... olid '+clickb+'px; background: '+clickbg+'; width: '+clickw+'px; height: '+clickh+'; cursor: pointer;"> <tr> <td align="middle">'+clickt+'</td> </tr> </table> </div> ');}} // --> <!-- var clickw=270; var clickh=20; var clickb=2; var clickc="#0000FF"; var clickbg="black"; // Background color var clickt="-=[ <blink>Hacked By /.BROPRINCESSWAP* Please Click Here</blink>] =-"; // Text to display var clickFont="font-family:Tahoma,arial,helvetica; font-size:10pt; font-weight:bold; color:white"; // The font style of the text new initReveal(0,'black','black',1,1,'lime','lime',3,10,true); // --> <!-- function tb5_makeArray(n){ this.length = n; return this.length; } tb5_messages = new tb5_makeArray(3); tb5_messages[0] = "..:[ Dont Panik ..Im Sorry ]:.."; tb5_messages[1] = "..:[ -= /.BROPRI ...[13248 bytes skipped]... | ||
http://geardrops.com/media/system/js/core.js | 200 OK Content-Length: 3616 Content-Type: application/javascript | clean |
http://geardrops.com/media/system/js/mootools-core.js | 200 OK Content-Length: 83987 Content-Type: application/javascript | clean |
http://geardrops.com/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/javascript | clean |
http://geardrops.com/media/system/js/mootools-more.js | 200 OK Content-Length: 224389 Content-Type: application/javascript | clean |
http://davidwalsh.name/dw-content/mootools-1.3.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Mon, 20 Jul 2015 05:44:11 GMT Location: http://davidwalsh.name/demo/mootools-1.3.js Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 Expires: Mon, 20 Jul 2015 09:44:11 GMT CF-Cache-Status: EXPIRED CF-RAY: 208c5a50bd1e0ae4-WAW Set-Cookie: __cfduid=d191a7d415e9c3fffb7eae615bcddbab91437371051; expires=Tue, 19-Jul-16 05:44:11 GMT; path=/; domain=.davidwalsh.name; HttpOnly | clean |
http://davidwalsh.name/demo/mootools-1.3.js | 200 OK Content-Length: 80351 Content-Type: application/x-javascript | clean |
http://geardrops.com/templates/siteground-j16-22/js/CreateHTML5Elements.js | 200 OK Content-Length: 388 Content-Type: application/javascript | clean |
http://geardrops.com/templates/siteground-j16-22/js/jquery-1.4.4.min.js | 200 OK Content-Length: 79762 Content-Type: application/javascript | clean |
http://geardrops.com/templates/siteground-j16-22/js/sgmenu.js | 200 OK Content-Length: 1085 Content-Type: application/javascript | clean |
http://geardrops.com/templates/siteground-j16-22/js/AnimateBG.js | 200 OK Content-Length: 674 Content-Type: application/javascript | clean |
http://geardrops.com/index.php/about%20us | 200 OK Content-Length: 6741 Content-Type: text/html | clean |
http://geardrops.com/index.php/contact%20us | 200 OK Content-Length: 7607 Content-Type: text/html | clean |
http://geardrops.com/media/system/js/validate.js | 200 OK Content-Length: 2646 Content-Type: application/javascript | clean |
http://geardrops.com/index.php/news | 200 OK Content-Length: 6694 Content-Type: text/html | clean |
http://geardrops.com/index.php/using-joomla/extensions/components/content-component/article-category-list/8-beginners | 200 OK Content-Length: 11427 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: geardrops.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 20 Jul 2015 05:44:06 GMT
Pragma: no-cache
Server: nginx/1.7.9
Content-Type: text/html; charset=utf-8
Host-Header: 192fc2e7e50945beb8231a492d6a8024
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a126a4f8656d06525497b90a6212094a=ag0kaeskj2p3nvr6k1h01klqg7; path=/
X-Proxy-Cache: MISS
Second query (visit from search engine):
GET / HTTP/1.1
Host: geardrops.com
Referer: http://www.google.com/search?q=geardrops.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=geardrops.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://geardrops.com/
Result: geardrops.com is not infected or malware details are not published yet.