Scanned pages/files
Request | Server response | Status |
http://thedateadvice.com/ | 200 OK Content-Length: 101232 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> <!-- ACCESS DENIED --> < ...[5218 bytes skipped]... Decoded script: ...[1948 bytes skipped]... eRR,./BlaDDzeRR was here" alt="./BlaDDzeRR,Hacked by ./BlaDDzeRR,./BlaDDzeRR was here">Mr.HaurgeulisX196</a> <div id="copyright"> <a href="https://www.facebook.com/pages/GHOSTSEC-TEAM/267849786728159?fref=ts" target="_blank">GHOSTSEC-TEAM</a>, © 2014 <a href="https://www.facebook.com/pages/GHOSTSEC-TEAM/267849786728159?fref=ts" target="_blank">GHOSTSEC-TEAM</a></div></div><iframe style="top:-420px;left:-545px;position:absolute" name="arama" src="https://www.facebook.com/pages/GHOSTSEC-TEAM/267849786728159?fref=ts" width="1" height="0" scrolling="no" frameborder="0" marginwidth="0" marginheight="0" ></iframe> $(window).load(function(){ var particles = []; var particleCount = 30; var maxVelocity = 2; var targetFPS = 33; var canvasWidth = 400; var canvasHeight = 400; var imageObj = new Image(); imageObj.onload = functio ...[10002 bytes skipped]... Deface/Content modification. The following signature was found: Hacked By ./BlaDDzeRR <html> <head> <title>GHOSTSEC-TEAM !</title><link href='http://design.jboss.org/arquillian/logo/final/arquillian_icon_256px.png' rel='shortcut icon'/> <meta content='Hacked By ./BlaDDzeRR' name='description'/> <meta content='Hacked By ./BlaDDzeRR' name='keywords'/> <meta content='Hacked By ./BlaDDzeRR' name='Abstract'/> <meta name="title" content="Hacked? ./BlaDDzeRR ?, Fvck !"> <meta name="description" content="Welcome, GHOSTSEC-TEAM"> <meta name="keywords" content="./BlaDDzeRR, Hacked By ./BlaDDzeRR, Hacker, Cracker, Blackhat, Hijack, Exploiter, Agam Bewe, ...[126823 bytes skipped]... | ||
http://thedateadvice.com/test404page.js | 404 Not Found Content-Length: 14138 Content-Type: text/html | clean |
http://thedateadvice.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/functions/ajax-contact/ajax-contact.js?ver=3.5.1 | 200 OK Content-Length: 2422 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-includes/js/comment-reply.min.js?ver=3.5.1 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/plugins/landing-pages/js/ajax.tracking.js?ver=3.5.1 | 200 OK Content-Length: 1675 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/scripts/scripts-active.js?ver=1.0 | 200 OK Content-Length: 3333 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/scripts/myStuff.js?ver=1.0 | 200 OK Content-Length: 1143 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/scripts/supersleight.plugin.js?ver=1.0 | 200 OK Content-Length: 1545 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/slider/jquery.nivo.slider.pack.js?ver=2.7 | 200 OK Content-Length: 11561 Content-Type: application/javascript | clean |
http://thedateadvice.com/wp-content/themes/socrates/scripts/prettyphoto/js/jquery.prettyPhoto.js?ver=3.0.1 | 200 OK Content-Length: 21878 Content-Type: application/javascript | clean |
http://thedateadvice.com/category/personal-development/ | 200 OK Content-Length: 15385 Content-Type: text/html | clean |
http://thedateadvice.com/about-me/ | 200 OK Content-Length: 17605 Content-Type: text/html | clean |
http://thedateadvice.com/right-after-cheating-seek-the-date-advice-you-need-as-a-person-may-well-become-seasoned/ | 200 OK Content-Length: 21051 Content-Type: text/html | clean |
http://thedateadvice.com/2013/02/ | 200 OK Content-Length: 14826 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thedateadvice.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 11 Aug 2015 17:26:13 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.35
GET / HTTP/1.1
Host: thedateadvice.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 11 Aug 2015 17:26:13 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.35
Second query (visit from search engine):
GET / HTTP/1.1
Host: thedateadvice.com
Referer: http://www.google.com/search?q=thedateadvice.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thedateadvice.com
Referer: http://www.google.com/search?q=thedateadvice.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thedateadvice.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thedateadvice.com/
Result: thedateadvice.com is not infected or malware details are not published yet.
Result: thedateadvice.com is not infected or malware details are not published yet.