Scanned pages/files
Request | Server response | Status |
http://www.lodts.org/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 11 Mar 2015 21:26:23 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 0 Location: http://lodts.org/ Server: Apache/2.2.29 (CentOS) DAV/2 PHP/5.6.6 Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ea104dad1dbff3e60c2c8e5875b8fd17; path=/ X-Pingback: http://lodts.org/xmlrpc.php X-Powered-By: PHP/5.6.6 X-UA-Compatible: IE=edge,chrome=1 X-Varnish: 17611606 | clean |
http://lodts.org/ | 200 OK Content-Length: 41239 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Islamic State (ISIS) ...[2221 bytes skipped]... leapis.com/css?family=Droid+Sans' type='text/css' media='all'/> <link rel='stylesheet' id='rs-settings-css' href='http://lodts.org/modules/95e68aeb/rs-plugin/css/A.settings.css.pagespeed.cf.R9O-uL0bmM.css' type='text/css' media='all'/> <style id='rs-captions-css' media='all'><body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked by Islamic State (ISIS)<title>Hacked by Islamic State (ISIS)<p style='color: transparent'></style> <link rel='stylesheet' id='avia-grid-css' href='http://lodts.org/template/css/A.grid.css.pagespeed.cf.8fdlpQh7SD.css' type='text/css' media='all'/> <link rel='stylesheet' id='avia-base-css' href='http://lodts.org/template/css/A.base.css.pagespeed.cf.vZeutDSnWD.css' type='text/css' media='all'/> <link rel='stylesheet' id='avia-layout-css' href='http: ...[44152 bytes skipped]... | ||
http://lodts.org/lib/js/jquery/jquery.js.pagespeed.jm.z9hb-Gxqf6.js | 200 OK Content-Length: 95719 Content-Type: application/x-javascript | clean |
http://lodts.org/lib,_js,_jquery,_jquery-migrate.min.js+modules,_95e68aeb,_rs-plugin,_js,_jquery.themepunch.plugins.min.js.pagespeed.jc.tegTJSTN1d.js | 200 OK Content-Length: 22984 Content-Type: application/javascript | clean |
http://lodts.org/modules/95e68aeb/rs-plugin/js/jquery.themepunch.revolution.min.js | 200 OK Content-Length: 55679 Content-Type: application/x-javascript | clean |
http://lodts.org/wp-content/plugins/extrawatch/components/com_extrawatch/js/extrawatch.js.pagespeed.jm.6L2bf_H5je.js | 200 OK Content-Length: 7137 Content-Type: application/x-javascript | clean |
http://lodts.org/template/js/avia.js.pagespeed.jm.bAMby4X8Db.js | 200 OK Content-Length: 82996 Content-Type: application/x-javascript | clean |
http://lodts.org/template/js/shortcodes.js | 200 OK Content-Length: 82668 Content-Type: application/x-javascript | clean |
http://lodts.org/template/js/aviapopup/jquery.magnific-popup.min.js.pagespeed.jm.AAUdvL50L_.js | 200 OK Content-Length: 20818 Content-Type: application/x-javascript | clean |
http://lodts.org/lib/js/mediaelement/mediaelement-and-player.min.js | 200 OK Content-Length: 76776 Content-Type: application/x-javascript | clean |
http://lodts.org/lib/js/mediaelement,_wp-mediaelement.js+comment-reply.min.js.pagespeed.jc.KjNIjV-N-A.js | 200 OK Content-Length: 1538 Content-Type: application/javascript | clean |
http://www.lodts.org/?s= | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 11 Mar 2015 21:26:28 GMT Pragma: no-cache Via: 1.1 varnish-v4 Age: 0 Location: http://lodts.org/search/ Server: Apache/2.2.29 (CentOS) DAV/2 PHP/5.6.6 Vary: User-Agent,Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=5df506a8dab0be8c536302476afba2e1; path=/ X-Pingback: http://lodts.org/xmlrpc.php X-Powered-By: PHP/5.6.6 X-UA-Compatible: IE=edge,chrome=1 X-Varnish: 16229192 | clean |
http://lodts.org/search/ | 404 Not Found Content-Length: 25709 Content-Type: text/html | clean |
http://lodts.org/lib/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://lodts.org/lib/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/x-javascript | clean |
http://lodts.org/modules/95e68aeb/rs-plugin/js/jquery.themepunch.plugins.min.js | 200 OK Content-Length: 17060 Content-Type: application/x-javascript | clean |
http://lodts.org/template/js/avia-compat.js | 200 OK Content-Length: 1105 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lodts.org
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 11 Mar 2015 21:26:24 GMT
Pragma: no-cache
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Age: 0
Server: Apache/2.2.29 (CentOS) DAV/2 PHP/5.6.6
Vary: User-Agent,Accept-Encoding
Content-Length: 41239
Content-Type: text/html; charset=UTF-8
Link: <http://lodts.org/>; rel=shortlink
Set-Cookie: PHPSESSID=a30ecdd66dc9046b19b81515f76f292a; path=/
X-Mod-Pagespeed: 1.9.32.3-4448
X-Pingback: http://lodts.org/xmlrpc.php
X-Powered-By: PHP/5.6.6
X-UA-Compatible: IE=edge,chrome=1
X-Varnish: 17539194
...41239 bytes of data.
GET / HTTP/1.1
Host: lodts.org
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 11 Mar 2015 21:26:24 GMT
Pragma: no-cache
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Age: 0
Server: Apache/2.2.29 (CentOS) DAV/2 PHP/5.6.6
Vary: User-Agent,Accept-Encoding
Content-Length: 41239
Content-Type: text/html; charset=UTF-8
Link: <http://lodts.org/>; rel=shortlink
Set-Cookie: PHPSESSID=a30ecdd66dc9046b19b81515f76f292a; path=/
X-Mod-Pagespeed: 1.9.32.3-4448
X-Pingback: http://lodts.org/xmlrpc.php
X-Powered-By: PHP/5.6.6
X-UA-Compatible: IE=edge,chrome=1
X-Varnish: 17539194
...41239 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lodts.org
Referer: http://www.google.com/search?q=lodts.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lodts.org
Referer: http://www.google.com/search?q=lodts.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lodts.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://lodts.org/
Result: lodts.org is not infected or malware details are not published yet.
Result: lodts.org is not infected or malware details are not published yet.