Scanned pages/files
Request | Server response | Status |
http://qatifterritory.net/ | 200 OK Content-Length: 15935 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by GhostKdi ...[12047 bytes skipped]... <div id="system-message-container"> </div> <div class="blog-featured"> <div class="items-leading"> <div class="leading-0"> <h2> <a href="/index.php/using-joomla/extensions/components/content-component/article-category-list/24-joomla"> Hacked by GhostKdi</a> </h2> <p style="text-align: center;"><img class="decoded" src="http://ximg.us/upload/1395221318.png" border="0" alt="http://ximg.us/upload/1395221318.png" /></p> <div class="item-separator"></div> </div> </div> <div class="items-row cols-3 row-0"> <div class="item column-1"> <h2> <a href="/index.php/using-joomla/extensio ...[6353 bytes skipped]... | ||
http://qatifterritory.net/media/system/js/core.js | 200 OK Content-Length: 4225 Content-Type: text/javascript | clean |
http://qatifterritory.net/media/system/js/mootools-core.js | 200 OK Content-Length: 88540 Content-Type: text/javascript | clean |
http://qatifterritory.net/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: text/javascript | clean |
http://qatifterritory.net/media/system/js/mootools-more.js | 200 OK Content-Length: 238128 Content-Type: text/javascript | clean |
http://qatifterritory.net/templates/beez_20/javascript/md_stylechanger.js | 200 OK Content-Length: 2104 Content-Type: text/javascript | clean |
http://qatifterritory.net/templates/beez_20/javascript/hide.js | 200 OK Content-Length: 7735 Content-Type: text/javascript | clean |
http://qatifterritory.net/index.php/sample-sites | 200 OK Content-Length: 13813 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/ | 200 OK Content-Length: 15945 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/getting-started | 200 OK Content-Length: 14529 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/using-joomla | 200 OK Content-Length: 13109 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/using-joomla/extensions | 200 OK Content-Length: 17482 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/using-joomla/ | 200 OK Content-Length: 13110 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/using-joomla/parameters | 200 OK Content-Length: 14668 Content-Type: text/html | clean |
http://qatifterritory.net/index.php/using-joomla/getting-help | 200 OK Content-Length: 13458 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: qatifterritory.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 05 May 2014 03:59:16 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6909bcfa66e876c5cdb72ad06eef8e80=qe3p8qa1b830rsbq151qtarff2; path=/
GET / HTTP/1.1
Host: qatifterritory.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 05 May 2014 03:59:16 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6909bcfa66e876c5cdb72ad06eef8e80=qe3p8qa1b830rsbq151qtarff2; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: qatifterritory.net
Referer: http://www.google.com/search?q=qatifterritory.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: qatifterritory.net
Referer: http://www.google.com/search?q=qatifterritory.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=qatifterritory.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://qatifterritory.net/
Result: qatifterritory.net is not infected or malware details are not published yet.
Result: qatifterritory.net is not infected or malware details are not published yet.