Scanned pages/files
Request | Server response | Status |
http://sanpedroayso.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 24 Sep 2014 12:07:53 GMT Location: http://www.sanpedroayso.org/ Server: Apache Vary: Accept-Encoding Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sanpedroayso.org/ | 200 OK Content-Length: 1209 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY VATANSEVDALISI ...[220 bytes skipped]... t;link rel="Shortcut Icon" href="http://i.hizliresim.com/eoLDm9.png" type="image/x-icon"> <bgsound src="http://www.uploadmusic.org/MUSIC/8460021397570099.mp3" loop=1"infinite" balance="0"> <embed src = "http://www.uploadmusic.org/MUSIC/9158391402737197.mp3" autostart = true hidden = true> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>HACKED BY VATANSEVDALISI</title> <style type="text/css"> <!-- body { background-color: #000000; background-image: url(http://i.hizliresim.com/4mvVEA.jpg); min-width:650px; background-clip:box; background-origin:padding-box; background-size:cover; background-position:center; background-attachment:fixed;} .style14 {color: #FFFFFF; font-weight: bold; } .style37 { color: #F0F0F0; font-weight: bo ...[309 bytes skipped]... | ||
http://www.sanpedroayso.org/test404page.js | HTTP/1.1 404 Not Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 24 Sep 2014 12:07:54 GMT Pragma: no-cache Location: http://www.eteamz.com/aysoregion6/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Wed, 24 Sep 2014 12:07:57 GMT Set-Cookie: PHPSESSID=LAqk1Owi5ymU16nzZ42La2; path=/ X-Pingback: http://www.sanpedroayso.org/xmlrpc.php | clean |
http://www.eteamz.com/aysoregion6/ | 200 OK Content-Length: 61133 Content-Type: text/html | clean |
http://www.eteamz.com/z/sitez/main/lib.js | 200 OK Content-Length: 1804 Content-Type: application/x-javascript | clean |
http://www.sanpedroayso.org/z/javascript/embedControls.js | HTTP/1.1 404 Not Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 24 Sep 2014 12:08:01 GMT Pragma: no-cache Location: http://www.eteamz.com/aysoregion6/ Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Last-Modified: Wed, 24 Sep 2014 12:08:02 GMT Set-Cookie: PHPSESSID=4sd-E7wFQL74bPrgFbvN83; path=/ X-Pingback: http://www.sanpedroayso.org/xmlrpc.php | clean |
http://www.eteamz.com/test404page.js | 404 Object Not Found Content-Length: 21776 Content-Type: text/html | clean |
http://www.eteamz.com/z/javascript/prototype.js | 200 OK Content-Length: 96311 Content-Type: application/x-javascript | clean |
http://www.eteamz.com/z/javascript/effects.js | 200 OK Content-Length: 38228 Content-Type: application/x-javascript | clean |
http://www.eteamz.com/z/javascript/shared.js | 200 OK Content-Length: 1275 Content-Type: application/x-javascript | clean |
https://ad.doubleclick.net/adj/eteamz.tan//error page;tile=1;channel=;subchannel=;tanproduct=eteamz;b2borb2c=;feature=error_page;subfeature1=404;subfeature2=;subfeature3=;sz=160x600;position=sky_right_top;eventlisting=noeventlisting;country=;state=;typeid=;gender=;age=;skill=;siteid=;org=;fldr=;stemp=;scat=;stype=;ord=91705134;? | 200 OK Content-Length: 19 Content-Type: text/javascript | clean |
https://ad.doubleclick.net/adj/eteamz.tan//error page;tile=2;channel=;subchannel=;tanproduct=eteamz;b2borb2c=;feature=error_page;subfeature1=404;subfeature2=;subfeature3=;sz=1x1;position=pop_up;eventlisting=noeventlisting;country=;state=;typeid=;gender=;age=;skill=;siteid=;org=;fldr=;stemp=;scat=;stype=;ord=91705134;? | 200 OK Content-Length: 19 Content-Type: text/javascript | clean |
http://www.eteamz.com/z/javascript/tan_code_tnt2sc_integration_prod.js | 200 OK Content-Length: 45269 Content-Type: application/x-javascript | clean |
http://www.eteamz.com//secure.quantserve.com/quant.js/ | HTTP/1.1 302 Moved Temporarily Date: Wed, 24 Sep 2014 12:07:39 GMT Location: /company/404/index.cfm?error=no+site+found-secure.quantserve.com Server: Microsoft-IIS/7.5 Content-Length: 700 Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=253292523;expires=Fri, 16-Sep-2044 12:07:40 GMT;path=/ Set-Cookie: CFTOKEN=1a5812605fe38d5-A78F5063-D955-EF5F-CD640E75AC749930;expires=Fri, 16-Sep-2044 12:07:40 GMT;path=/ Set-Cookie: JSESSIONID=5630aea89c1114425d907056f242f65271e1;path=/ Set-Cookie: BIGipServer~SPORTS~eteamz.com_http=2148890378.20480.0000; expires=Wed, 24-Sep-2014 16:07:40 GMT; path=/ X-Powered-By: ASP.NET | clean |
http://www.eteamz.com/company/404/index.cfm?error=no+site+found-secure.quantserve.com | 404 Object Not Found Content-Length: 21823 Content-Type: text/html | clean |
https://ad.doubleclick.net/adj/eteamz.tan//error page;tile=1;channel=;subchannel=;tanproduct=eteamz;b2borb2c=;feature=error_page;subfeature1=404;subfeature2=;subfeature3=;sz=160x600;position=sky_right_top;eventlisting=noeventlisting;country=;state=;typeid=;gender=;age=;skill=;siteid=;org=;fldr=;stemp=;scat=;stype=;ord=4847073;? | 200 OK Content-Length: 19 Content-Type: text/javascript | clean |
https://ad.doubleclick.net/adj/eteamz.tan//error page;tile=2;channel=;subchannel=;tanproduct=eteamz;b2borb2c=;feature=error_page;subfeature1=404;subfeature2=;subfeature3=;sz=1x1;position=pop_up;eventlisting=noeventlisting;country=;state=;typeid=;gender=;age=;skill=;siteid=;org=;fldr=;stemp=;scat=;stype=;ord=4847073;? | 200 OK Content-Length: 19 Content-Type: text/javascript | clean |
http://www.eteamz.com/ | 200 OK Content-Length: 58933 Content-Type: text/html | clean |
http://www.eteamz.com/scripts/ip-utilities.js?ver=14.0.94.3 | 200 OK Content-Length: 73472 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sanpedroayso.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 24 Sep 2014 12:07:53 GMT
Location: http://www.sanpedroayso.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sanpedroayso.org
Referer: http://www.google.com/search?q=sanpedroayso.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sanpedroayso.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sanpedroayso.org/
Result: sanpedroayso.org is not infected or malware details are not published yet.