Scanned pages/files
Request | Server response | Status |
http://pontevedraathletics.com/ | 200 OK Content-Length: 1332 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY Mr.M0R0 MOROCCAN HACKER <html>
<head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>HACKED BY Mr.M0R0 MOROCCAN HACKER</title> </head> <body> <p align="center"><img border="0" src="http://p4.storage.canalblog.com/46/95/864954/65130309_p.gif"></p> <p align="center"> HACKED AND DEFACED BY Mr.MORO MOROCCAN HACKER</p> <p align="center"> WHAT THE HELL IS GOING ON HERE YOUR SECURITY IS LIKE A SHIT</p> <p a ...[1124 bytes skipped]... | ||
http://pontevedraathletics.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 20:22:06 GMT Location: http://pontevedra.powermediallc.org/index.php Server: Apache Content-Length: 302 Content-Type: text/html; charset=iso-8859-1 | clean |
http://pontevedra.powermediallc.org/index.php | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 14 Apr 2014 20:22:07 GMT Pragma: no-cache Location: http://pontevedra.powermediallc.org/ Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=e23c7ac0ab84bf66e66bb681787a2ef8; path=/ X-Pingback: http://pontevedra.powermediallc.org/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://pontevedra.powermediallc.org/ | 200 OK Content-Length: 39128 Content-Type: text/html | clean |
http://pontevedra.powermediallc.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://pontevedra.powermediallc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://pontevedra.powermediallc.org/wp-content/plugins/wp-imagefit/js/jquery.imagefit.min.js?ver=3.8 | 200 OK Content-Length: 733 Content-Type: application/javascript | clean |
http://pontevedra.powermediallc.org/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3 | 200 OK Content-Length: 9986 Content-Type: application/javascript | clean |
http://pontevedra.powermediallc.org/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/javascript | clean |
http://pontevedra.powermediallc.org/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: application/javascript | clean |
http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=528814&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=85778 | 200 OK Content-Length: 571 Content-Type: application/x-javascript | clean |
http://lite.piclens.com/current/piclens_optimized.js?ver=3.8 | 200 OK Content-Length: 21750 Content-Type: application/x-javascript | clean |
http://pontevedraathletics.com/../department-info/store/ | 400 Bad Request Content-Length: 130 Content-Type: text/html | clean |
http://pontevedraathletics.com/photos/ | HTTP/1.1 302 Found Connection: close Date: Mon, 14 Apr 2014 20:22:18 GMT Location: http://pontevedra.powermediallc.org/index.php Server: Apache Content-Length: 302 Content-Type: text/html; charset=iso-8859-1 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pontevedraathletics.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 14 Apr 2014 20:22:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: pontevedraathletics.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 14 Apr 2014 20:22:05 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: pontevedraathletics.com
Referer: http://www.google.com/search?q=pontevedraathletics.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pontevedraathletics.com
Referer: http://www.google.com/search?q=pontevedraathletics.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pontevedraathletics.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pontevedraathletics.com/
Result: pontevedraathletics.com is not infected or malware details are not published yet.
Result: pontevedraathletics.com is not infected or malware details are not published yet.