Scanned pages/files
| Request | Server response | Status |
http://klimals.hr/ | 200 OK Content-Length: 4799 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Wongbodo <title>Hacked By Wongbodo</title></head> <style> .main{margin:50px;width:auto} .h{font-family:impact;font-size:100px;} </style> </head> <body bgcolor="#000000" text="#ffffff"><center> <div class="main"> <br></br> <font class="h"><SCRIPT> farbbibliothek = new Array(); farbbibliothek[0] = new Array("#ffffff","#FF0000","#ffffff","#ffffff","#f ...[4996 bytes skipped]... | ||
http://klimals.hr/test404page.js | 404 Not Found Content-Length: 27037 Content-Type: text/html | clean |
http://klimals.hr/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://klimals.hr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.0.1 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/themes/inovado/framework/js/easing.js?ver=1.3 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/themes/inovado/framework/js/fitvids.js?ver=1.0 | 200 OK Content-Length: 2874 Content-Type: application/javascript | clean |
http://maps.google.com/maps/api/js?sensor=false | 200 OK Content-Length: 4347 Content-Type: text/javascript | clean |
http://klimals.hr/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.0.1 | 200 OK Content-Length: 9658 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/plugins/flexslider/assets/js/jquery.mousewheel.min.js?ver=2.1.0-20121206 | 200 OK Content-Length: 1007 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/plugins/flexslider/assets/js/jquery.flexslider.min.js?ver=2.1.0-20121206 | 200 OK Content-Length: 16688 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/themes/inovado/framework/js/shortcodes.js?ver=1.0 | 200 OK Content-Length: 3101 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/themes/inovado/framework/js/bootstrap.js?ver=1.0 | 200 OK Content-Length: 8371 Content-Type: application/javascript | clean |
http://klimals.hr/wp-content/themes/inovado/framework/js/superfish.js?ver=1.4 | 200 OK Content-Length: 7274 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: klimals.hr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 20 Jan 2015 10:36:26 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4799
Content-Type: text/html
Last-Modified: Mon, 05 Jan 2015 06:59:36 GMT
...4799 bytes of data.
GET / HTTP/1.1
Host: klimals.hr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 20 Jan 2015 10:36:26 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 4799
Content-Type: text/html
Last-Modified: Mon, 05 Jan 2015 06:59:36 GMT
...4799 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: klimals.hr
Referer: http://www.google.com/search?q=klimals.hr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: klimals.hr
Referer: http://www.google.com/search?q=klimals.hr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=klimals.hr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://klimals.hr/
Result: klimals.hr is not infected or malware details are not published yet.
Result: klimals.hr is not infected or malware details are not published yet.