Scanned pages/files
| Request | Server response | Status |
http://presidentsdesk.com/ | 200 OK Content-Length: 1847 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-Hacked ByDoldis / TurkHackTeam.Net ...[194 bytes skipped]... f]--> <!--[if IE 8 ]><html class="ie ie8" lang="en-US"> <![endif]--> <!--[if (gte IE 9)|!(IE)]><!--><html lang="en-US"> <!--<![endif]--><head> <meta charset="UTF-7" /> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1, user-scalable=no" /> <title>+ADw-/title+AD4-Hacked ByDoldis / TurkHackTeam.Net Hacked ByDoldis / TurkHackTeam.Net Hacked ByDoldis / TurkHackTeam.Net Hacked ByDoldis / TurkHackTeam.Net Hacked ByDoldis / TurkHackTeam.Net+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- | Presidents Desk</title> <link rel="profile" href="http://gmpg.org/xfn/11" /> <link rel="pingback" href="http://thepresidentsdesk.com/xmlrpc.php" /> <!-- ******************************************** ...[1073 bytes skipped]... | ||
http://presidentsdesk.com/test404page.js | 404 Not Found Content-Length: 53314 Content-Type: text/html | clean |
http://thepresidentsdesk.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.44.0-2013.09.15 | 200 OK Content-Length: 14701 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.3 | 200 OK Content-Length: 8326 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-includes/js/hoverIntent.min.js?ver=r7 | 200 OK Content-Length: 1116 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/js/jquery.superfish-1.5.0.js?ver=1.5.0 | 200 OK Content-Length: 3234 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/js/jquery.iosslider.min.js?ver=1.1.56 | 200 OK Content-Length: 28777 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/js/footable-0.1.js?ver=0.1 | 200 OK Content-Length: 15545 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/js/jquery.customSelect.min.js?ver=0.3.0 | 200 OK Content-Length: 1778 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/inc/prettyphoto/js/jquery.prettyPhoto.min.js?ver=3.1.5 | 200 OK Content-Length: 21647 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer/js/init.js?ver=1.1 | 200 OK Content-Length: 13504 Content-Type: application/javascript | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer-child/js/html5.js?ver=3.6 | 404 Not Found Content-Length: 53314 Content-Type: text/html | clean |
http://thepresidentsdesk.com/wp-content/themes/theretailer-child/js/respond.min.js | 404 Not Found Content-Length: 53314 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: presidentsdesk.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Jul 2014 19:15:19 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Encoding: none
Content-Type: text/html; charset=UTF-7
Link: <http://thepresidentsdesk.com/?p=99>; rel=shortlink
Set-Cookie: wc_session_cookie_630e59d4b54a8f783caa8a5f9005e4fb=YsNQ7B8GegN0rU0ZIfHdTbQ1Luuyh07t%7C%7C1405019722%7C%7C1405016122%7C%7C4b737a16c9a7de08279c6d69c6f01097; expires=Thu, 10-Jul-2014 19:15:22 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Tue, 08-Jul-2014 18:15:22 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Tue, 08-Jul-2014 18:15:22 GMT; path=/
X-Died: timeout at scan.pm line 1538.
X-Pingback: http://thepresidentsdesk.com/xmlrpc.php
X-Powered-By: PHP/5.3.10
GET / HTTP/1.1
Host: presidentsdesk.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Jul 2014 19:15:19 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Encoding: none
Content-Type: text/html; charset=UTF-7
Link: <http://thepresidentsdesk.com/?p=99>; rel=shortlink
Set-Cookie: wc_session_cookie_630e59d4b54a8f783caa8a5f9005e4fb=YsNQ7B8GegN0rU0ZIfHdTbQ1Luuyh07t%7C%7C1405019722%7C%7C1405016122%7C%7C4b737a16c9a7de08279c6d69c6f01097; expires=Thu, 10-Jul-2014 19:15:22 GMT; path=/; httponly
Set-Cookie: woocommerce_items_in_cart=0; expires=Tue, 08-Jul-2014 18:15:22 GMT; path=/
Set-Cookie: woocommerce_cart_hash=0; expires=Tue, 08-Jul-2014 18:15:22 GMT; path=/
X-Died: timeout at scan.pm line 1538.
X-Pingback: http://thepresidentsdesk.com/xmlrpc.php
X-Powered-By: PHP/5.3.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: presidentsdesk.com
Referer: http://www.google.com/search?q=presidentsdesk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: presidentsdesk.com
Referer: http://www.google.com/search?q=presidentsdesk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=presidentsdesk.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://presidentsdesk.com/
Result: presidentsdesk.com is not infected or malware details are not published yet.
Result: presidentsdesk.com is not infected or malware details are not published yet.