Scanned pages/files
Request | Server response | Status |
http://teatreehealingwonders.com/ | 200 OK Content-Length: 166462 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-html+AD4APA-head+AD4APA-title+AD4-Hacked By SEYTANAUYDUM+ADw-/title+AD4APA-link rel+AD0AIg-SHOR ...[618 bytes skipped]... home/teatreeh/public_html/index.php:1) in <b>/home/teatreeh/public_html/wp-content/themes/DailyDeal/admin/widgets/google_map.php</b> on line <b>2</b><br /> <!DOCTYPE html > <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-7" > <title>+ADw-/title+AD4 +ADw-html+AD4APA-head+AD4APA-title+AD4-Hacked By SEYTANAUYDUM+ADw-/title+AD4APA-link rel+AD0AIg-SHORTCUT ICON+ACI href+AD0AIg-http://i.imgur.com/2ePvK.gif+ACIAPgA8-meta+AD4 +ADw-style+AD4 body +AHs background: +ACM-000000 url() no-repeat top center+ADs color: +ACM-ff0000+ADs font-family: Courier New+ADs font-size: 12px+ADs +AH0 +ACM-black+AHs text-align: center+ADs font-size:12px+ADs font-weight: bold+ADs +AH0 a:link, a:visited +A ...[178046 bytes skipped]... | ||
http://teatreehealingwonders.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-includes/js/jquery/jquery.js?ver=1.6.1 | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/js/jquery.cycle.all.min.js?ver=3.2.1 | 200 OK Content-Length: 31032 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/js/script.js?ver=3.2.1 | 200 OK Content-Length: 2765 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/library/js/jquery-ui-1.8.14.custom.min.js | 200 OK Content-Length: 210246 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/js/timer.js | 200 OK Content-Length: 2770 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/monetize/send_to_friend/jquery.simplemodal.js | 200 OK Content-Length: 8087 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/monetize/send_to_friend/basic.js | 200 OK Content-Length: 560 Content-Type: application/javascript | clean |
http://teatreehealingwonders.com/wp-content/themes/DailyDeal/monetize/send_to_friend/email_frnd_validation.js | 200 OK Content-Length: 4650 Content-Type: application/javascript | clean |
http://182.185.206.82:3000/hook.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://182.185.206.82:3000/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: teatreehealingwonders.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Sep 2014 16:58:28 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: teatreehealingwonders.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Sep 2014 16:58:28 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: teatreehealingwonders.com
Referer: http://www.google.com/search?q=teatreehealingwonders.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: teatreehealingwonders.com
Referer: http://www.google.com/search?q=teatreehealingwonders.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=teatreehealingwonders.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://teatreehealingwonders.com/
Result: teatreehealingwonders.com is not infected or malware details are not published yet.
Result: teatreehealingwonders.com is not infected or malware details are not published yet.