Scanned pages/files
Request | Server response | Status |
http://hirsirakennus-stolt.fi/ | 200 OK Content-Length: 13532 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_xAPl0qIk9eowy_iS9tNkCWXLUVoat94SQT48UBCFkyQ.js | 200 OK Content-Length: 96126 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_obFUyTbqtcoGQtszVI46l1_oD927PzlDtlr_ilpYBqE.js | 200 OK Content-Length: 19851 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_kUyIufISPq2i4PG1yP4hPTPbSAMlDOnTWewUbm5DTlQ.js | 200 OK Content-Length: 38658 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/etusivu | 200 OK Content-Length: 13532 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/kuvat | 200 OK Content-Length: 15821 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Lakhdar Dz ...[7362 bytes skipped]... t;h1> Kuvat</h1> </div> </div> </div> </div><div class="media-gallery-collection mg-collection-gallery_collections mg-col mg-col-4"><div id="node-11" class="node node-media-gallery node-teaser mg-gallery mg-teaser clearfix" about="/dz.php" typeof="sioc:Item foaf:Document"> <h2 property="dc:title" datatype=""><a href="/dz.php">Hacked By Lakhdar Dz</a></h2> <div class="content"> <div class="media-collection-item-wrapper"><img class="stack-image" src="/sites/all/modules/media_gallery/images/stack_bg.png" /><div class="media-gallery-item"><div class="top"><div class="top-inset-1"><div class="top-inset-2"></div></div></div><div class="gallery-thumb-outer"><div class="gallery-thumb-inner"><a href="/dz.php ...[10968 bytes skipped]... | ||
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_TUZ3Ch7sBbEFRr0dlXQ2Z_9d4L_tQgUZjWa8bfrPIaw.js | 200 OK Content-Length: 11706 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/yhteystiedot | 200 OK Content-Length: 10097 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_C7A4yvdeL1H1m5rc6lxr2R6ameczbRl5RDMQdAMKA2Y.js | 200 OK Content-Length: 15731 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/test404page.js | 404 Not Found Content-Length: 297 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/dz.php | 200 OK Content-Length: 7539 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/kuvat/hirsim%C3%B6kit | 200 OK Content-Length: 36118 Content-Type: text/html | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_CnVjeK75WybhZPt5LIjxPFFChsSvirFJZ4QJHLcK6Rw.js | 200 OK Content-Length: 9598 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/sites/hirsirakennus-stolt.fi/files/js/js_X0oRoJDG3zwPG_dGqqLX5v1FaNVaVAMoFcdJGSRFRVM.js | 200 OK Content-Length: 3497 Content-Type: application/javascript | clean |
http://hirsirakennus-stolt.fi/media-gallery/detail/5/7 | 200 OK Content-Length: 7746 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hirsirakennus-stolt.fi
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Jun 2015 18:57:01 GMT
ETag: "1434999421"
Server: Apache/2.2.16
Vary: Accept-Encoding
Content-Language: fi
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 22 Jun 2015 18:57:01 +0000
Link: </etusivu>; rel="canonical",</node/1>; rel="shortlink"
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.3.3-7+squeeze17
X-UA-Compatible: IE=Edge,chrome=1
Second query (visit from search engine):
GET / HTTP/1.1
Host: hirsirakennus-stolt.fi
Referer: http://www.google.com/search?q=hirsirakennus-stolt.fi
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hirsirakennus-stolt.fi
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hirsirakennus-stolt.fi/
Result: hirsirakennus-stolt.fi is not infected or malware details are not published yet.