Scanned pages/files
Request | Server response | Status |
http://icelandlightstalkers.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 02 Apr 2014 02:38:03 GMT Pragma: no-cache Location: http://www.icelandlightstalkers.com/ Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-7 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=4bc868823adf060da9b6ac4aa60ffb68; path=/ X-Pingback: http://www.icelandlightstalkers.com/xmlrpc.php | clean |
http://www.icelandlightstalkers.com/ | 200 OK Content-Length: 21374 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By International Force ...[109 bytes skipped]... D/xhtml1-transitional.dtd"> <html prefix="og: http://ogp.me/ns#" xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> </head> <body> <script language="JavaScript1.2"> function ClearError() {return true;} window.onerror = ClearError; </script> <title>Hacked By International Force</title> <html prefix="og: http://ogp.me/ns#" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns="http://www.w3.org/TR/REC-html40"> <head> <meta http-equiv=Content-Type content="text/html; charset=iso-8859-9"> <META HTTP-EQUIV="Refresh" CONTENT="50; URL= https://www.facebook.com/ayyildiztim. ...[23885 bytes skipped]... | ||
http://w.sharethis.com/button/buttons.js?ver=3.3.1 | 200 OK Content-Length: 142455 Content-Type: application/x-javascript | clean |
http://www.icelandlightstalkers.com/wp-includes/js/jquery/jquery.js?ver=1.7.1 | 200 OK Content-Length: 93889 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.7.6.2.494864 | 200 OK Content-Length: 27244 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/jquery.infieldlabel.min.js?ver=3.8.7.6.2.494864 | 200 OK Content-Length: 1787 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/ajax.js?ver=3.8.7.6.2.494864 | 200 OK Content-Length: 2693 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/index.php?wpsc_user_dynamic_js=true&ver=3.8.7.6.2.494864 | 200 OK Content-Length: 1030 Content-Type: text/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.7.6.2494864 | 200 OK Content-Length: 14672 Content-Type: application/javascript | clean |
http://www.icelandlightstalkers.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://icelandlightstalkers.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Apr 2014 02:38:11 GMT Location: http://vipmedstuff.com/ Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 207 Content-Type: text/html; charset=iso-8859-1 | clean |
http://vipmedstuff.com/ | HTTP/1.1 302 Found Connection: close Date: Wed, 02 Apr 2014 02:38:12 GMT Location: http://thecialispill.com Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.27 | clean |
http://thecialispill.com/ | 500 Can't connect to thecialispill.com:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://thecialispill.com/test404page.js | 500 Can't connect to thecialispill.com:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: icelandlightstalkers.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 02 Apr 2014 02:38:03 GMT
Pragma: no-cache
Location: http://www.icelandlightstalkers.com/
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 0
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4bc868823adf060da9b6ac4aa60ffb68; path=/
X-Pingback: http://www.icelandlightstalkers.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: icelandlightstalkers.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 02 Apr 2014 02:38:03 GMT
Pragma: no-cache
Location: http://www.icelandlightstalkers.com/
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 0
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4bc868823adf060da9b6ac4aa60ffb68; path=/
X-Pingback: http://www.icelandlightstalkers.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: icelandlightstalkers.com
Referer: http://www.google.com/search?q=icelandlightstalkers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: icelandlightstalkers.com
Referer: http://www.google.com/search?q=icelandlightstalkers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=icelandlightstalkers.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://icelandlightstalkers.com/
Result: icelandlightstalkers.com is not infected or malware details are not published yet.
Result: icelandlightstalkers.com is not infected or malware details are not published yet.