Scanned pages/files
| Request | Server response | Status |
http://proflaser.de/ | 200 OK Content-Length: 4979 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ZeynnymouZ ...[4630 bytes skipped]... <div class="container"> <hr class="space" /> <div class="joomla-header span-16 append-1"> <h1>proflaser.de</h1> </div> </div> <div class="container"> <div class="span-16 append-1"> <div id="system-message-container"> </div> <div class="item-page"> <p>Hacked By ZeynnymouZ</p> <p>Â </p> <p>Hi Admin, your website have a bug,</p> <p>Be secure, your security get down !</p> <p>Â </p> <p>Â sh0tz :Â </p> <p>Vulnerable Dot ID - MR.COM - Rahyde-ID - Â YousefJafar04 - Â ?Mr.bonz-101 - ./BlaDDzeRR - Â CoMoDo \!/</p> <p>Â </p> <p>Â </p> <p>#IndonesianPeople</p> </div> <hr / ...[240 bytes skipped]... | ||
http://proflaser.de/media/system/js/core.js | 200 OK Content-Length: 4225 Content-Type: application/javascript | clean |
http://proflaser.de/media/system/js/mootools-core.js | 200 OK Content-Length: 88540 Content-Type: application/javascript | clean |
http://proflaser.de/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/javascript | clean |
http://proflaser.de/plugins/system/tabber/js/script.js | 200 OK Content-Length: 624 Content-Type: application/javascript | clean |
http://proflaser.de/media/system/js/mootools-more.js | 200 OK Content-Length: 238128 Content-Type: application/javascript | clean |
http://proflaser.de/templates/atomic/js/template.js | 200 OK Content-Length: 27 Content-Type: application/javascript | clean |
http://proflaser.de/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: proflaser.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 19 Dec 2014 02:36:31 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7b913ab5186dc13959b9c6d7e6421f70=221166f64f9650f2b7606228eb838e28; path=/
X-Powered-By: PHP/5.4.34-nmm1
GET / HTTP/1.1
Host: proflaser.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 19 Dec 2014 02:36:31 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7b913ab5186dc13959b9c6d7e6421f70=221166f64f9650f2b7606228eb838e28; path=/
X-Powered-By: PHP/5.4.34-nmm1
Second query (visit from search engine):
GET / HTTP/1.1
Host: proflaser.de
Referer: http://www.google.com/search?q=proflaser.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: proflaser.de
Referer: http://www.google.com/search?q=proflaser.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=proflaser.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://proflaser.de/
Result: proflaser.de is not infected or malware details are not published yet.
Result: proflaser.de is not infected or malware details are not published yet.