Scanned pages/files
| Request | Server response | Status |
http://scoffasaurus.com/ | 200 OK Content-Length: 50156 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-HACKED BY AYYILDIZ T+ACYAIw-304+ADs-M <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xml:lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <title>+ADw-/title+AD4-HACKED BY AYYILDIZ T+ACYAIw-304+ADs-M KARACABEY CEDKAN-KEREMSAHNOYAN-ALBAYRAK-LAROVV-MURADI-KARAHAN-MEMO-KARACABEY HACKED BY AYYILDIZ T+ACYAIw-304+ADs-M KARACABEY CEDKAN-KEREMSAHNOYAN-ALBAYRAK-LAROVV-MURADI-KARAHAN-MEMO-KARACABEY HACKED BY AYYILDIZ T+ACYAIw-304+ADs-M KARACABEY CEDKAN-KEREMSAHNOYAN-ALBAYRAK-LAROVV-MURADI-KARAHAN-MEMO-KARACABEY HACKED BY AYYILDIZ T+ACY ...[59295 bytes skipped]... | ||
http://scoffasaurus.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://scoffasaurus.com/wp-content/plugins/recipe-press/js/recipe-form.js?ver=3.1.3 | 200 OK Content-Length: 6141 Content-Type: application/javascript | clean |
http://scoffasaurus.com/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/javascript | clean |
http://scoffasaurus.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.1.3 | 200 OK Content-Length: 927 Content-Type: application/javascript | clean |
http://scoffasaurus.com/?feed=rss2 | 200 OK Content-Length: 43487 Content-Type: text/xml | clean |
http://scoffasaurus.com/wp-content/uploads/2010/03/peashooter.jpg | 200 OK Content-Length: 300468 Content-Type: image/jpeg | clean |
http://scoffasaurus.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://scoffasaurus.com/?page_id=2 | 200 OK Content-Length: 48377 Content-Type: text/html | clean |
http://scoffasaurus.com/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://scoffasaurus.com/?cat=16 | 200 OK Content-Length: 46505 Content-Type: text/html | clean |
http://scoffasaurus.com/?cat=6 | 200 OK Content-Length: 46295 Content-Type: text/html | clean |
http://scoffasaurus.com/?cat=27 | 200 OK Content-Length: 46328 Content-Type: text/html | clean |
http://scoffasaurus.com/?cat=14 | 200 OK Content-Length: 46845 Content-Type: text/html | clean |
http://scoffasaurus.com/?cat=1 | 200 OK Content-Length: 46801 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: scoffasaurus.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Sep 2014 09:39:24 GMT
Server: Apache
Content-Length: 50156
Content-Type: text/html; charset=UTF-7
X-Pingback: http://scoffasaurus.com/xmlrpc.php
...50156 bytes of data.
GET / HTTP/1.1
Host: scoffasaurus.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 17 Sep 2014 09:39:24 GMT
Server: Apache
Content-Length: 50156
Content-Type: text/html; charset=UTF-7
X-Pingback: http://scoffasaurus.com/xmlrpc.php
...50156 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: scoffasaurus.com
Referer: http://www.google.com/search?q=scoffasaurus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: scoffasaurus.com
Referer: http://www.google.com/search?q=scoffasaurus.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=scoffasaurus.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://scoffasaurus.com/
Result: scoffasaurus.com is not infected or malware details are not published yet.
Result: scoffasaurus.com is not infected or malware details are not published yet.