Scanned pages/files
| Request | Server response | Status |
http://shiny-moments.com/ | 200 OK Content-Length: 18496 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by GhostKdi ...[12058 bytes skipped]... <div id="system-message-container"> </div> <div class="blog-featured"> <div class="items-leading"> <div class="leading-0"> <h2> <a href="/index.php/using-joomla/extensions/components/content-component/article-category-list/24-joomla"> Hacked by GhostKdi</a> </h2> <p style="text-align: center;"><img class="decoded" src="http://s8.postimg.org/oqp08mhnp/8i_IL1_Cx.png" border="0" alt="http://i.imgur.com/8iIL1Cx.png" width="487" height="484" /></p> <p style="text-align: center;"><span style="font-family: Trajan Pro; font-size: x-small;"><span style="text-shadow: 2px 0px 0.2em black, -2px 2px 0.2em Darkcyan, -2px -2px 0.2em black; color: #ffffff; font-family: Trajan Pr ...[9379 bytes skipped]... | ||
http://shiny-moments.com/media/system/js/core.js | 200 OK Content-Length: 4225 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/media/system/js/mootools-core.js | 200 OK Content-Length: 88540 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238128 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/templates/beez_20/javascript/md_stylechanger.js | 200 OK Content-Length: 2104 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/templates/beez_20/javascript/hide.js | 200 OK Content-Length: 7735 Content-Type: application/x-javascript | clean |
http://shiny-moments.com/index.php/sample-sites | 200 OK Content-Length: 13646 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/ | 200 OK Content-Length: 18506 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/getting-started | 200 OK Content-Length: 14362 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/using-joomla | 200 OK Content-Length: 12942 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/using-joomla/extensions | 200 OK Content-Length: 17313 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/using-joomla/ | 200 OK Content-Length: 12943 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/using-joomla/parameters | 200 OK Content-Length: 14499 Content-Type: text/html | clean |
http://shiny-moments.com/index.php/using-joomla/getting-help | 200 OK Content-Length: 13291 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shiny-moments.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sun, 06 Dec 2015 06:38:30 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 2755aa3324d803c5b664cab08854e42b=d93f0b86ce07d8678c0aea5a9e928a83; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: shiny-moments.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sun, 06 Dec 2015 06:38:30 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 2755aa3324d803c5b664cab08854e42b=d93f0b86ce07d8678c0aea5a9e928a83; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: shiny-moments.com
Referer: http://www.google.com/search?q=shiny-moments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shiny-moments.com
Referer: http://www.google.com/search?q=shiny-moments.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shiny-moments.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shiny-moments.com/
Result: shiny-moments.com is not infected or malware details are not published yet.
Result: shiny-moments.com is not infected or malware details are not published yet.