Scanned pages/files
| Request | Server response | Status |
http://lecture-et-patrimoine-mussy.fr/ | 200 OK Content-Length: 16723 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkeD By GaSSpEr <!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'> <html dir="ltr" lang="fr"> <head> <title>HaCkeD By GaSSpEr</title> <meta name="description" content="Hacked by GaSSpEr Your Site Has Been HackeD Sorry Admin But Your Site Is Not Secure ! French HaCkeR WaS HeRe :2014 : (...)" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="generator" content="SPIP 2.0.8 [13982]" /> <link rel="alternate" type="application/rss+xml" title="Syndiquer tout le site" href="http://lec ...[18957 bytes skipped]... | ||
http://lecture-et-patrimoine-mussy.fr/prive/javascript/jquery.js | 200 OK Content-Length: 100334 Content-Type: application/javascript | clean |
http://lecture-et-patrimoine-mussy.fr/prive/javascript/jquery.form.js | 200 OK Content-Length: 23377 Content-Type: application/javascript | clean |
http://lecture-et-patrimoine-mussy.fr/prive/javascript/ajaxCallback.js | 200 OK Content-Length: 8447 Content-Type: application/javascript | clean |
http://www.lecture-et-patrimoine-mussy.fr/plugins/couteau_suisse/outils/jquery.scrollto.js | 200 OK Content-Length: 7368 Content-Type: application/javascript | clean |
http://www.lecture-et-patrimoine-mussy.fr/plugins/couteau_suisse/outils/jquery.localscroll.js | 200 OK Content-Length: 4434 Content-Type: application/javascript | clean |
http://www.lecture-et-patrimoine-mussy.fr/plugins/couteau_suisse/outils/decoupe.js | 200 OK Content-Length: 1995 Content-Type: application/javascript | clean |
http://www.lecture-et-patrimoine-mussy.fr/plugins/couteau_suisse/outils/sommaire.js | 200 OK Content-Length: 1151 Content-Type: application/javascript | clean |
http://lecture-et-patrimoine-mussy.fr/spip.php?page=rubrique&id_rubrique=0 | HTTP/1.1 302 Found Connection: close Date: Mon, 29 Dec 2014 12:25:37 GMT Location: http://lecture-et-patrimoine-mussy.fr/spip.php?rubrique0 Server: Apache Vary: Accept-Encoding Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: 60gpBAK=R1224192509; path=/; expires=Mon, 29-Dec-2014 13:46:31 GMT Set-Cookie: 60gp=R2337204473; path=/; expires=Mon, 29-Dec-2014 13:46:16 GMT | clean |
http://lecture-et-patrimoine-mussy.fr/spip.php?rubrique0 | 404 Not Found Content-Length: 8504 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/accueil-bibliotheque-mediatheque-mussy-sur-seine/ | 500 Internal Server Error Content-Length: 561 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/actualite,002/ | 200 OK Content-Length: 13209 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/actualite,002/prive/javascript/jquery.js | 404 Not Found Content-Length: 238 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/actualite,002/prive/javascript/jquery.form.js | 404 Not Found Content-Length: 243 Content-Type: text/html | clean |
http://lecture-et-patrimoine-mussy.fr/actualite,002/prive/javascript/ajaxCallback.js | 404 Not Found Content-Length: 244 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lecture-et-patrimoine-mussy.fr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Dec 2014 12:25:35 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 29 Dec 2014 11:44:47 GMT
Composed-By: SPIP 2.0.8 @ www.spip.net + couteau_suisse(1.8.09.01)
Set-Cookie: 60gpBAK=R1224225179; path=/; expires=Mon, 29-Dec-2014 13:46:31 GMT
Set-Cookie: 60gp=R2337204473; path=/; expires=Mon, 29-Dec-2014 13:41:59 GMT
X-Outils-CS: guillemets, decoupe, sommaire, type_urls, spip_cache, soft_scroller, mailcrypt
X-Powered-By: PHP/4.4.9
X-Spip-Cache: 7200
GET / HTTP/1.1
Host: lecture-et-patrimoine-mussy.fr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Dec 2014 12:25:35 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 29 Dec 2014 11:44:47 GMT
Composed-By: SPIP 2.0.8 @ www.spip.net + couteau_suisse(1.8.09.01)
Set-Cookie: 60gpBAK=R1224225179; path=/; expires=Mon, 29-Dec-2014 13:46:31 GMT
Set-Cookie: 60gp=R2337204473; path=/; expires=Mon, 29-Dec-2014 13:41:59 GMT
X-Outils-CS: guillemets, decoupe, sommaire, type_urls, spip_cache, soft_scroller, mailcrypt
X-Powered-By: PHP/4.4.9
X-Spip-Cache: 7200
Second query (visit from search engine):
GET / HTTP/1.1
Host: lecture-et-patrimoine-mussy.fr
Referer: http://www.google.com/search?q=lecture-et-patrimoine-mussy.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lecture-et-patrimoine-mussy.fr
Referer: http://www.google.com/search?q=lecture-et-patrimoine-mussy.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lecture-et-patrimoine-mussy.fr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lecture-et-patrimoine-mussy.fr/
Result: lecture-et-patrimoine-mussy.fr is not infected or malware details are not published yet.
Result: lecture-et-patrimoine-mussy.fr is not infected or malware details are not published yet.