Scanned pages/files
Request | Server response | Status |
http://leblogdeleffrontee.fr/ | 200 OK Content-Length: 118700 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Islamic State ...[6582 bytes skipped]... title"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = "Hacked by Islamic State";</script><html><head><style>body{background-color: black; color: transparent}</style></head><body><center><h1 style="color: red">Hacked by Islamic State</h1><img src="data:image/jpeg;base64,iVBORw0KGgoAAAANSUhEUgAAAkQAAAFFCAYAAAANVPJiAAAgAElEQVR4nOydeZwUxfn/Pz3Xzt677L3LwsJy34dBUBQRPAAVETFi1GC8Qcnvi+IRLxJjNPEiEr/eRmJExUSTeEWjSFQSEL4qKpfLci2wCCyw9+5c9fuD1KSmpqqnZ3ZhZp3n/XrVq2f6qHqqu7rq009VVxsAGAiCIAiCIJIYW7wN ...[122172 bytes skipped]... | ||
http://leblogdeleffrontee.fr/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/plugins/zilla-likes/scripts/zilla-likes.js?ver=3.5.1 | 200 OK Content-Length: 700 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/superfish.js?ver=1.4.8 | 200 OK Content-Length: 3084 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/supersubs.js?ver=0.2 | 200 OK Content-Length: 1569 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.flexslider-min.js?ver=2.0 | 200 OK Content-Length: 16100 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.jplayer.min.js?ver=2.1 | 200 OK Content-Length: 42856 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.imagesloaded.min.js?ver=2.0.1 | 200 OK Content-Length: 955 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.isotope.min.js?ver=1.5.19 | 200 OK Content-Length: 15876 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.fitvids.js?ver=1.0 | 200 OK Content-Length: 2644 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-includes/js/comment-reply.min.js?ver=3.5.1 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/includes/js/twitter.js?ver=3.5.1 | 200 OK Content-Length: 1637 Content-Type: application/javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 167930 Content-Type: application/x-javascript | clean |
http://leblogdeleffrontee.fr/wp-content/themes/hoarder-package/hoarder/js/jquery.custom.js?ver=1.0 | 200 OK Content-Length: 7460 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: leblogdeleffrontee.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 17 Mar 2015 16:37:11 GMT
Pragma: no-cache
Server: Apache
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: mailplanBAK=R2555564460; path=/; expires=Tue, 17-Mar-2015 17:43:50 GMT
Set-Cookie: mailplan=R243167392; path=/; expires=Tue, 17-Mar-2015 17:36:45 GMT
Set-Cookie: PHPSESSID=k6cn7ha6rap3r3t1p0e23c4pr6; path=/
X-Pingback: http://leblogdeleffrontee.fr/xmlrpc.php
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: leblogdeleffrontee.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 17 Mar 2015 16:37:11 GMT
Pragma: no-cache
Server: Apache
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: mailplanBAK=R2555564460; path=/; expires=Tue, 17-Mar-2015 17:43:50 GMT
Set-Cookie: mailplan=R243167392; path=/; expires=Tue, 17-Mar-2015 17:36:45 GMT
Set-Cookie: PHPSESSID=k6cn7ha6rap3r3t1p0e23c4pr6; path=/
X-Pingback: http://leblogdeleffrontee.fr/xmlrpc.php
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: leblogdeleffrontee.fr
Referer: http://www.google.com/search?q=leblogdeleffrontee.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: leblogdeleffrontee.fr
Referer: http://www.google.com/search?q=leblogdeleffrontee.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=leblogdeleffrontee.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://leblogdeleffrontee.fr/
Result: leblogdeleffrontee.fr is not infected or malware details are not published yet.
Result: leblogdeleffrontee.fr is not infected or malware details are not published yet.