Scanned pages/files
Request | Server response | Status |
http://scandinaviandiets.com/ | 200 OK Content-Length: 12970 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by 4n0nk!d <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="title" content="Hacked by 4n0nk!d"> <meta name="description" content=" Hacked by Mutha Fuckin' 4n0nk!d "> <meta name="keywords" content="4n0nk!d "> <title>Hacked by 4n0nk!d</title> <script> function popWindow(path, pwidth, pheight) { day = new Date(); id = day.getTime(); eval("page" + id + " = window.open('" + path + "', '" + id + " ...[14870 bytes skipped]... | ||
http://scandinaviandiets.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8318 Content-Type: application/x-javascript | clean |
http://scandinaviandiets.com/index.php | 200 OK Content-Length: 12970 Content-Type: text/html | clean |
http://scandinaviandiets.com/password_retrieval.php | 200 OK Content-Length: 7837 Content-Type: text/html | clean |
https://ssl.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://scandinaviandiets.com/health_test.php | 200 OK Content-Length: 10821 Content-Type: text/html | clean |
http://scandinaviandiets.com/tour.php | 200 OK Content-Length: 16994 Content-Type: text/html | clean |
http://scandinaviandiets.com/overview.php | 200 OK Content-Length: 11479 Content-Type: text/html | clean |
http://scandinaviandiets.com/success_stories.php | 200 OK Content-Length: 39443 Content-Type: text/html | clean |
http://scandinaviandiets.com/retreat.php | 200 OK Content-Length: 11333 Content-Type: text/html | clean |
http://scandinaviandiets.com/join.php | 200 OK Content-Length: 39472 Content-Type: text/html | clean |
http://scandinaviandiets.com//VERIFY.AUTHORIZE.NET/anetseal/seal.js/ | 404 Not Found Content-Length: 518 Content-Type: text/html | clean |
http://scandinaviandiets.com/test404page.js | 404 Not Found Content-Length: 494 Content-Type: text/html | clean |
http://scandinaviandiets.com/gi.php | 200 OK Content-Length: 16258 Content-Type: text/html | clean |
http://scandinaviandiets.com/faq.php | 200 OK Content-Length: 12363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: scandinaviandiets.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 15:32:04 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=02ed15a415a1471547502b732d641a99; path=/
X-Powered-By: PHP/4.4.9
GET / HTTP/1.1
Host: scandinaviandiets.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 15:32:04 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=02ed15a415a1471547502b732d641a99; path=/
X-Powered-By: PHP/4.4.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: scandinaviandiets.com
Referer: http://www.google.com/search?q=scandinaviandiets.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: scandinaviandiets.com
Referer: http://www.google.com/search?q=scandinaviandiets.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=scandinaviandiets.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://scandinaviandiets.com/
Result: scandinaviandiets.com is not infected or malware details are not published yet.
Result: scandinaviandiets.com is not infected or malware details are not published yet.