Scanned pages/files
Request | Server response | Status |
http://onkettner.com/ | 200 OK Content-Length: 16750 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By Ayyildiz Tim+ADw-/title+AD4 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US" xml:lang="en-US"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="content-type" content="text/html; charset=UTF-7" /> <title>+ADw-/title+AD4APA-html+AD4APA-head+AD4 +ADw-title+AD4-Hacked By Ayyildiz Tim+ADw-/title+AD4 +ADw-head+AD4APA-link rel+AD0AIg-shortcut icon+ACI href+AD0AIg-http://s1307.hizliresim.com/1c/n/qk7kn.png+ACI-/+AD4APA-/head+AD4 +ADw-body bgcolor+AD0AIg-black+ACIAPg +ADw-center+AD4APA-br+AD4 +ADw-/script+AD4APA-style type+AD0AIg-text/css+ACIAPg +ADwAIQ--- .ahgcrewstyle +AHs color: +ACM-F00+ADs +AH0 .ahg +AHs color: +ACM-0F0+ADs +AH0 --+AD4 ...[18248 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js?ver=3.4.2 | 200 OK Content-Length: 92629 Content-Type: text/javascript | clean |
http://onkettner.com/wp-includes/js/comment-reply.js?ver=3.4.2 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://onkettner.com/wp-content/themes/cw-red/js/global.js?ver=3.4.2 | 200 OK Content-Length: 180 Content-Type: application/javascript | clean |
http://onkettner.com/?page_id=41 | 200 OK Content-Length: 17028 Content-Type: text/html | clean |
http://onkettner.com/?page_id=13 | 200 OK Content-Length: 16840 Content-Type: text/html | clean |
http://onkettner.com/?page_id=48 | 200 OK Content-Length: 16780 Content-Type: text/html | clean |
http://onkettner.com/?page_id=46 | 200 OK Content-Length: 16419 Content-Type: text/html | clean |
http://onkettner.com/?page_id=10 | 200 OK Content-Length: 18962 Content-Type: text/html | clean |
http://onkettner.com/?cat=3 | 200 OK Content-Length: 24465 Content-Type: text/html | clean |
http://onkettner.com/?cat=1 | 200 OK Content-Length: 23662 Content-Type: text/html | clean |
http://onkettner.com/?m=201307 | 200 OK Content-Length: 15561 Content-Type: text/html | clean |
http://onkettner.com/?m=201209 | 200 OK Content-Length: 28025 Content-Type: text/html | clean |
http://onkettner.com/?tag=relationship | 200 OK Content-Length: 20328 Content-Type: text/html | clean |
http://onkettner.com/?tag=disease | 200 OK Content-Length: 17410 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: onkettner.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 May 2014 16:39:04 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-7
X-Pingback: http://onkettner.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: onkettner.com
Referer: http://www.google.com/search?q=onkettner.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=onkettner.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://onkettner.com/
Result: onkettner.com is not infected or malware details are not published yet.