Scanned pages/files
| Request | Server response | Status |
http://mrlyden.com/ | 200 OK Content-Length: 10920 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by GhostKdi ...[9626 bytes skipped]... </div><!-- end navi --> <div id="wrapper2" > <div id="main"> <div class="blog-featured"> <div class="items-leading"> <div class="leading-0"> <h2> <a href="/index.php/using-joomla/extensions/components/content-component/article-category-list/24-joomla"> Hacked by GhostKdi</a> </h2> <p><img class="decoded" src="http://ximg.us/upload/1395221318.png" border="0" alt="http://ximg.us/upload/1395221318.png" width="534" height="1096" style="display: block; margin-left: auto; margin-right: auto;" /></p> <div class="item-separator"></div> </div> </div> <div class="items-row cols-3 row-0"> <div class="item column-1"> | ||
http://mrlyden.com/media/system/js/core.js | 200 OK Content-Length: 3616 Content-Type: application/javascript | clean |
http://mrlyden.com/media/system/js/mootools-core.js | 200 OK Content-Length: 83987 Content-Type: application/javascript | clean |
http://mrlyden.com/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/javascript | clean |
http://mrlyden.com/media/system/js/mootools-more.js | 200 OK Content-Length: 224389 Content-Type: application/javascript | clean |
http://mrlyden.com/templates/beez5/javascript/md_stylechanger.js | 200 OK Content-Length: 2104 Content-Type: application/javascript | clean |
http://mrlyden.com/templates/beez5/javascript/hide.js | 200 OK Content-Length: 7704 Content-Type: application/javascript | clean |
http://mrlyden.com/index.php/sample-sites | 200 OK Content-Length: 8852 Content-Type: text/html | clean |
http://mrlyden.com/index.php/ | 200 OK Content-Length: 10930 Content-Type: text/html | clean |
http://mrlyden.com/index.php/getting-started | 200 OK Content-Length: 9581 Content-Type: text/html | clean |
http://mrlyden.com/index.php/using-joomla | 200 OK Content-Length: 8150 Content-Type: text/html | clean |
http://mrlyden.com/index.php/using-joomla/extensions | 200 OK Content-Length: 12447 Content-Type: text/html | clean |
http://mrlyden.com/index.php/using-joomla/ | 200 OK Content-Length: 8151 Content-Type: text/html | clean |
http://mrlyden.com/index.php/using-joomla/parameters | 200 OK Content-Length: 9708 Content-Type: text/html | clean |
http://mrlyden.com/index.php/using-joomla/getting-help | 200 OK Content-Length: 8504 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mrlyden.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 05 Sep 2014 00:08:29 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a3a3e12a09984c0aed3c8fb88ad0777d=p1qcp3e8gj5n5qk3k6gmgm9vh4; path=/
GET / HTTP/1.1
Host: mrlyden.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 05 Sep 2014 00:08:29 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a3a3e12a09984c0aed3c8fb88ad0777d=p1qcp3e8gj5n5qk3k6gmgm9vh4; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: mrlyden.com
Referer: http://www.google.com/search?q=mrlyden.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mrlyden.com
Referer: http://www.google.com/search?q=mrlyden.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mrlyden.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mrlyden.com/
Result: mrlyden.com is not infected or malware details are not published yet.
Result: mrlyden.com is not infected or malware details are not published yet.