Scanned pages/files
Request | Server response | Status |
http://southstarfinancial.com/ | 200 OK Content-Length: 92498 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ACY-nbsp+ADsAPA-html+AD4APA-head+AD4APA-title+AD4-Hacked By El Moujahidin+ADw-/title+AD4APA-link hre ...[921 bytes skipped]... ta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"> <!-- Title --> <title>+ADw-/title+AD4 +ADwAIQ-DOCTYPE html PUBLIC +ACI–//W3C//DTD HTML 4.01//EN+ACI +ACI-http://www.w3.org/TR/html4/strict.dtd+ACIAPg +ACY-nbsp+ADsAPA-html+AD4APA-head+AD4APA-title+AD4-Hacked By El Moujahidin+ADw-/title+AD4APA-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Share+ACs-Tech+ACs-Mono+ACI rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACIAPgA8-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Geo+ACI rel+AD0AIg-std ylesheet+ACI type+AD0AIg-text/css+ACIAPgA8-/head+AD4APA-body style+AD0AIg-background-color: white+ADsAIgA+ADwAIQ— twitter fin –+AD4APA-center+AD4 +ADw-img src+AD0AIg-https://scontent-cdg.xx.fb ...[102160 bytes skipped]... | ||
http://www.southstarcapital.com/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.0 | 200 OK Content-Length: 48706 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 8152 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 | 200 OK Content-Length: 6830 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.0 | 200 OK Content-Length: 21024 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.2.2 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/jquery-ui-effects.min.js?ver=4.2.2 | 200 OK Content-Length: 25232 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/jquery.flexslider.js?ver=4.2.2 | 200 OK Content-Length: 41121 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/gumm-custom.js?ver=4.2.2 | 200 OK Content-Length: 84048 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/modernizr.custom.79639.js?ver=4.2.2 | 200 OK Content-Length: 11669 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/gummbase.js?ver=4.2.2 | 200 OK Content-Length: 102838 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/bootstrap.min.js?ver=4.2.2 | 200 OK Content-Length: 25688 Content-Type: application/javascript | clean |
http://www.southstarcapital.com/wp-content/themes/nova/app/assets/js/jquery.windy.js?ver=4.2.2 | 200 OK Content-Length: 12553 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: southstarfinancial.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Wed, 10 Jun 2015 23:06:59 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding,Cookie
Content-Length: 92498
Content-Type: text/html; charset=UTF-8
Expires: Wed, 10 Jun 2015 23:07:02 GMT
Last-Modified: Wed, 10 Jun 2015 23:05:26 GMT
...92498 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: southstarfinancial.com
Referer: http://www.google.com/search?q=southstarfinancial.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=southstarfinancial.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://southstarfinancial.com/
Result: southstarfinancial.com is not infected or malware details are not published yet.