Scanned pages/files
Request | Server response | Status |
http://photocapture.net/ | 200 OK Content-Length: 6218 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Gl0w!Ng - F!R3 <html><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta name="Keywords" content="Hacked by Gl0w!Ng - F!R3"> <title>HackeD by Gl0w!Ng - F!R3</title> <link rel="shortcut icon" href="http://i.imgur.com/0GMkxvn.png?1"> <style type="text/css"> body{background: url(http://w4dve.bmcwest.net/Space.gif);} .name { text-decoration: none;} @-moz-keyframes roll { 100% { -moz-transform: rotate(1440deg); } } @-o-keyframes roll { 100% { -o-transform: rotate(1440deg); } } @-webkit ...[7036 bytes skipped]... | ||
http://photocapture.net/test404page.js | 404 Not Found Content-Length: 8715 Content-Type: text/html | clean |
http://photocapture.net/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95952 Content-Type: application/x-javascript | clean |
http://photocapture.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://photocapture.net/wp-content/themes/twentyfifteen/js/skip-link-focus-fix.js?ver=20141010 | 200 OK Content-Length: 727 Content-Type: application/x-javascript | clean |
http://photocapture.net/wp-content/themes/twentyfifteen/js/functions.js?ver=20150330 | 200 OK Content-Length: 5188 Content-Type: application/x-javascript | clean |
http://photocapture.net/2015/08/28/hello-world/ | 200 OK Content-Length: 13204 Content-Type: text/html | clean |
http://photocapture.net/wp-includes/js/comment-reply.min.js?ver=4.2.5 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://photocapture.net/2015/08/ | 200 OK Content-Length: 9033 Content-Type: text/html | clean |
http://photocapture.net/category/uncategorized/ | 200 OK Content-Length: 9269 Content-Type: text/html | clean |
http://photocapture.net/wp-login.php | 200 OK Content-Length: 2703 Content-Type: text/html | clean |
http://photocapture.net/wp-login.php?action=lostpassword | 200 OK Content-Length: 2351 Content-Type: text/html | clean |
http://photocapture.net/feed/ | 200 OK Content-Length: 1659 Content-Type: text/xml | clean |
http://photocapture.net/comments/feed/ | 200 OK Content-Length: 1467 Content-Type: text/xml | clean |
http://photocapture.net/author/orion/ | 200 OK Content-Length: 9234 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: photocapture.net
Result:
HTTP/1.1 200 OK
Date: Sun, 06 Dec 2015 01:02:29 GMT
Server: Microsoft-IIS/7.0
Content-Length: 6218
Content-Type: text/html; charset=UTF-8
X-Pingback: http://photocapture.net/xmlrpc.php
X-Powered-By: ASP.NET
...6218 bytes of data.
GET / HTTP/1.1
Host: photocapture.net
Result:
HTTP/1.1 200 OK
Date: Sun, 06 Dec 2015 01:02:29 GMT
Server: Microsoft-IIS/7.0
Content-Length: 6218
Content-Type: text/html; charset=UTF-8
X-Pingback: http://photocapture.net/xmlrpc.php
X-Powered-By: ASP.NET
...6218 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: photocapture.net
Referer: http://www.google.com/search?q=photocapture.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: photocapture.net
Referer: http://www.google.com/search?q=photocapture.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=photocapture.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://photocapture.net/
Result: photocapture.net is not infected or malware details are not published yet.
Result: photocapture.net is not infected or malware details are not published yet.