Scanned pages/files
| Request | Server response | Status |
http://kruptos.com/ | 200 OK Content-Length: 2628 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY AYYILDIZ TEAM INTERNATIONAL FORCE <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head><link rel="Shortcut Icon" href="http://i.hizliresim.com/PvVzDd.jpg" type="image/x-icon"> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>HACKED BY AYYILDIZ TEAM INTERNATIONAL FORCE</title> <style type="text/css"> <!-- .style3 {font-size: 10px} body { background-color: #FFFFFF; background-image: url(http://i.hizliresim.com/PEPLqd.jpg); background-size: 100%; margin: 85Dpx; padding: 0px; min-width: 1000px; background-origin: padding-box; background-repeat: no-repeat; background-position: center; backgro ...[2457 bytes skipped]... | ||
http://kruptos.com/test404page.js | 404 Not Found Content-Length: 10361 Content-Type: text/html | clean |
http://kruptos.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://kruptos.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://kruptos.com/wp-content/plugins/buddypress/bp-templates/bp-legacy/js/buddypress.js?ver=1.9.1-7716 | 200 OK Content-Length: 56919 Content-Type: application/javascript | clean |
http://kruptos.com/wp-includes/js/admin-bar.min.js?ver=4.0.1 | 200 OK Content-Length: 6828 Content-Type: application/javascript | clean |
http://kruptos.com/wp-content/plugins/bbpress/templates/default/js/editor.js?ver=2.5.2-5234 | 200 OK Content-Length: 1399 Content-Type: application/javascript | clean |
http://kruptos.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20131209 | 200 OK Content-Length: 3380 Content-Type: application/javascript | clean |
http://kruptos.com/groupes/ | 200 OK Content-Length: 12086 Content-Type: text/html | clean |
http://kruptos.com/yop-poll-archive/ | 200 OK Content-Length: 21324 Content-Type: text/html | clean |
http://kruptos.com/wp-includes/js/comment-reply.min.js?ver=4.0.1 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://kruptos.com/wp-content/plugins/yop-poll/js/jquery.popupWindow.js?ver=4.9.1 | 200 OK Content-Length: 3012 Content-Type: application/javascript | clean |
http://kruptos.com/wp-admin/admin-ajax.php?action=yop_poll_load_js&id=1&location=page&unique_id=_yp5474c5c1e88d7&ver=4.9.1 | 200 OK Content-Length: 2864 Content-Type: text/javascript | clean |
http://kruptos.com/wp-content/plugins/yop-poll/js/yop-poll-public.js?ver=4.9.1 | 200 OK Content-Length: 24483 Content-Type: application/javascript | clean |
http://kruptos.com/wp-content/plugins/yop-poll/js/yop-poll-json2.js?ver=4.9.1 | 200 OK Content-Length: 2780 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kruptos.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Nov 2014 18:09:02 GMT
Accept-Ranges: bytes
ETag: "bb0007-a44-506a923f43580"
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 2628
Content-Type: text/html
Last-Modified: Thu, 30 Oct 2014 19:46:46 GMT
...2628 bytes of data.
GET / HTTP/1.1
Host: kruptos.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 25 Nov 2014 18:09:02 GMT
Accept-Ranges: bytes
ETag: "bb0007-a44-506a923f43580"
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 2628
Content-Type: text/html
Last-Modified: Thu, 30 Oct 2014 19:46:46 GMT
...2628 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kruptos.com
Referer: http://www.google.com/search?q=kruptos.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kruptos.com
Referer: http://www.google.com/search?q=kruptos.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kruptos.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kruptos.com/
Result: kruptos.com is not infected or malware details are not published yet.
Result: kruptos.com is not infected or malware details are not published yet.