Scanned pages/files
Request | Server response | Status |
http://phast.us/ | 200 OK Content-Length: 20209 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED by LUN4T1C0 ...[1478 bytes skipped]... ss.pagespeed.cf.F5pjbD1DRQ.css' type='text/css' media='all'/> <link rel='stylesheet' id='rs-settings-css' href='http://phast.us/wp-content/plugins/revslider/rs-plugin/css/settings.css.pagespeed.ce.dLhMvlVeNK.css' type='text/css' media='all'/> <style id='rs-captions-css' media='all'><body style='color: transparent;background-color: black'><center><h1><b style='color: white'>HACKED by LUN4T1C0<p style='color: transparent'></style> <link rel='stylesheet' id='zn-bootstrapcss-css' href='http://phast.us/wp-content/themes/kallyas/css/bootstrap.css.pagespeed.ce.K9oSjvzoTj.css' type='text/css' media='all'/> <link rel='stylesheet' id='zn-superfish-css' href='http://phast.us/wp-content/themes/kallyas/addons/superfish_responsive/superfish.css.pagespeed.ce.1mMlqjmvH-.css' type='text/css' media='all'/> <link rel='stylesheet' id='zn-tem ...[19676 bytes skipped]... | ||
http://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://phast.us/wp-content/plugins/CuteSlider/js/cute.slider.js+cute.transitions.all.js.pagespeed.jc.maUBeFoi7Q.js | 200 OK Content-Length: 61083 Content-Type: application/javascript | clean |
http://cdnjs.cloudflare.com/ajax/libs/respond.js/1.1.0/respond.min.js | 200 OK Content-Length: 4069 Content-Type: application/javascript | clean |
http://phast.us/wp-includes/js/jquery/jquery.js.pagespeed.jm.iCH2ukpEYb.js | 200 OK Content-Length: 92997 Content-Type: application/javascript | clean |
http://phast.us/wp-includes/js/jquery/jquery-migrate.min.js.pagespeed.jm.mhpNjdU8Wl.js | 200 OK Content-Length: 7085 Content-Type: application/javascript | clean |
http://phast.us/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://phast.us/wp-content/themes/kallyas/js,_bootstrap.min.js+js,_plugins.js+addons,_superfish_responsive,_superfish_menu.js+addons,_prettyphoto,_jquery.prettyPhoto.js+js,_jquery.countdown.js.pagespeed.jc.9gVC2HkTSy.js | 200 OK Content-Length: 64295 Content-Type: application/javascript | clean |
http://phast.us/wp-content/themes/kallyas/js/znscript.js.pagespeed.jm.sodutle7T8.js | 200 OK Content-Length: 7445 Content-Type: application/javascript | clean |
http://phast.us/test404page.js | 404 Not Found Content-Length: 456 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: phast.us
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Wed, 27 May 2015 19:35:01 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Vary: Accept-Encoding
Content-Length: 20209
Content-Type: text/html
X-Mod-Pagespeed: 1.9.32.3-4448
X-Powered-By: PHP/5.4.37
...20209 bytes of data.
GET / HTTP/1.1
Host: phast.us
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Wed, 27 May 2015 19:35:01 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Vary: Accept-Encoding
Content-Length: 20209
Content-Type: text/html
X-Mod-Pagespeed: 1.9.32.3-4448
X-Powered-By: PHP/5.4.37
...20209 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: phast.us
Referer: http://www.google.com/search?q=phast.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: phast.us
Referer: http://www.google.com/search?q=phast.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=phast.us
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://phast.us/
Result: phast.us is not infected or malware details are not published yet.
Result: phast.us is not infected or malware details are not published yet.