Scanned pages/files
Request | Server response | Status |
http://scadasec.org/ | 200 OK Content-Length: 77183 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Anthem hacked by Heartbleed? ...[44429 bytes skipped]... es-new-certification-cdactc-april-fools/'>TrustedSec announces new certification CDACTC</a></li><li><a class='rsswidget' href='https://www.trustedsec.com/february-2015/social-engineer-toolkit-set-v6-2-released/'>The Social-Engineer Toolkit (SET) v6.2 released</a></li><li><a class='rsswidget' href='https://www.trustedsec.com/february-2015/anthem-hacked-heartbleed/'>Anthem hacked by Heartbleed?</a></li><li><a class='rsswidget' href='https://www.trustedsec.com/february-2015/anthem-breached-hunt-pii/'>Anthem Breached: The Hunt for PII</a></li><li><a class='rsswidget' href='https://www.trustedsec.com/january-2015/account-hunting-invoke-tokenmanipulation/'>Account Hunting for Invoke-TokenManipulation</a></li><li><a class='rsswidget' href='https://www.trustedsec.com/january-2015/ships-version-1-1 ...[48812 bytes skipped]... | ||
http://wifisec.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/html5.js | 200 OK Content-Length: 2487 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/placeholders.js | 200 OK Content-Length: 3962 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/scroll-to-top.js | 200 OK Content-Length: 530 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/menubox.js | 200 OK Content-Length: 356 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/selectnav.js | 200 OK Content-Length: 3744 Content-Type: application/x-javascript | clean |
http://wifisec.com/wp-content/themes/foreverwood/js/responsive.js | 200 OK Content-Length: 67 Content-Type: application/x-javascript | clean |
http://scadasec.org/test404page.js | 404 Not Found Content-Length: 64313 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: scadasec.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Apr 2015 01:38:18 GMT
Accept-Ranges: bytes
Age: 0
Server: Apache/2
Content-Length: 77183
Content-Type: text/html; charset=UTF-8
X-Pingback: http://wifisec.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...77183 bytes of data.
GET / HTTP/1.1
Host: scadasec.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 05 Apr 2015 01:38:18 GMT
Accept-Ranges: bytes
Age: 0
Server: Apache/2
Content-Length: 77183
Content-Type: text/html; charset=UTF-8
X-Pingback: http://wifisec.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
...77183 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: scadasec.org
Referer: http://www.google.com/search?q=scadasec.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: scadasec.org
Referer: http://www.google.com/search?q=scadasec.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=scadasec.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://scadasec.org/
Result: scadasec.org is not infected or malware details are not published yet.
Result: scadasec.org is not infected or malware details are not published yet.