Scanned pages/files
Request | Server response | Status |
http://spiritofteguh.net/ | 200 OK Content-Length: 9002 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by L00k1ng ...[9978 bytes skipped]... ;div id="wrapper2" > <div id="main"> <div class="blog-featured"> <div class="items-leading"> <div class="leading-0"> <h2> <a href="/index.php/using-joomla/extensions/components/content-component/article-categories/68-l00k1ng-was-here"> L00k1ng was here</a> </h2> <p>Hacked by L00k1ng</p> <p></p> <p>Hacked by L00k1ng</p> <p><img src="http://upload.wikimedia.org/wikipedia/commons/0/0e/Kosovo_with_flag_of_Serbia.png" border="0" width="500" height="500" /></p> <h1>Greetz to: Serbian Hacktivist 035 , Vukasin , r3x1337 and Anonymous Squad No.035.</h1> <div class="item-separator"></div> </div> </div> </div> </di ...[670 bytes skipped]...
http://spiritofteguh.net/media/system/js/core.js | 200 OK Content-Length: 3616 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/media/system/js/mootools-core.js | 200 OK Content-Length: 83987 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/media/system/js/caption.js | 200 OK Content-Length: 800 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/media/system/js/mootools-more.js | 200 OK Content-Length: 224389 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/templates/beez5/javascript/md_stylechanger.js | 200 OK Content-Length: 2104 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/templates/beez5/javascript/hide.js | 200 OK Content-Length: 7704 Content-Type: application/x-javascript | clean |
http://spiritofteguh.net/index.php?Itemid=455 | 404 Not Found Content-Length: 3963 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php | 200 OK Content-Length: 9011 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php/your-profile | 200 OK Content-Length: 191 Content-Type: text/html | clean |
http://spiritofteguh.net/test404page.js | 404 Not Found Content-Length: 294 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php/getting-started | 404 Not Found Content-Length: 3951 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php/ | 200 OK Content-Length: 9012 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php/using-joomla | 404 Not Found Content-Length: 3948 Content-Type: text/html | clean |
http://spiritofteguh.net/index.php/the-joomla-project | 404 Not Found Content-Length: 3954 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: spiritofteguh.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 11 Jul 2014 12:11:30 GMT
Pragma: no-cache
Server: Apache/2.2.8 (CentOS)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: d29945288be56dbd9b8d0b4802715500=6NyyrXiF66KvjFS-3SDhDZuyCG1mlTUZAXE-TFBmXogtNXZ9z-dRbooO4SCpIhYE; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: spiritofteguh.net
Referer: http://www.google.com/search?q=spiritofteguh.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=spiritofteguh.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://spiritofteguh.net/
Result: spiritofteguh.net is not infected or malware details are not published yet.