Scanned pages/files
| Request | Server response | Status |
http://thehdgu.com/ | 200 OK Content-Length: 2180 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked by 3NEEDAN HaCkEr ...[1244 bytes skipped]... ; background-repeat:no-repeat; background-position:center center; color:#ffffff; } </style> <span style="font-weight:bold; text-shadow:white 0px 0px 8px; color:black"> <div align="center"> <img src="http://up.dev-point.com/uploads1/29f59645b1641.png"height="350" width="600"> <center><font size="7" color="white"><font face="Iceland"> HaCked by 3NEEDAN HaCkEr</font></center></font size="7" color="white"> <br> <hr size=3 width=38% color="#FFFFFF" align=center> </div> <center> <b> <pre> <font face="Iceland"><font size="5" color="white"> Security = OFF | | | Patch Your System !! </pre> </center> <br> <span id=2 style="font-weight:bold; text-shadow:white 0px 0px 8px; color:black"> <cen ...[651 bytes skipped]... | ||
http://thehdgu.com/test404page.js | 404 Not Found Content-Length: 15368 Content-Type: text/html | clean |
http://thehdgu.com/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/css3-mediaqueries.js?ver=1.1.5 | 200 OK Content-Length: 16796 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/modernizr.custom.js?ver=1.1.5 | 200 OK Content-Length: 4840 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/jquery.backstretch.min.js?ver=1.1.5 | 200 OK Content-Length: 2502 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/hoverIntent.js?ver=1.1.5 | 200 OK Content-Length: 3257 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/superfish.js?ver=1.1.5 | 200 OK Content-Length: 3835 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/supersubs.js?ver=1.1.5 | 200 OK Content-Length: 3388 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/selectnav.min.js?ver=1.1.5 | 200 OK Content-Length: 1571 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?sensor=false | 200 OK Content-Length: 4336 Content-Type: text/javascript | clean |
http://thehdgu.com/wp-content/themes/risen/js/main.js?ver=1.1.5 | 200 OK Content-Length: 32756 Content-Type: application/javascript | clean |
http://thehdgu.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 | 200 OK Content-Length: 3997 Content-Type: application/javascript | clean |
http://thehdgu.com/biddle-park/ | 200 OK Content-Length: 17138 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thehdgu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 25 Sep 2015 06:46:32 GMT
Accept-Ranges: bytes
ETag: "884-5206945ba238f"
Server: Apache
Vary: Accept-Encoding
Content-Length: 2180
Content-Type: text/html
Last-Modified: Wed, 23 Sep 2015 12:29:57 GMT
...2180 bytes of data.
GET / HTTP/1.1
Host: thehdgu.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 25 Sep 2015 06:46:32 GMT
Accept-Ranges: bytes
ETag: "884-5206945ba238f"
Server: Apache
Vary: Accept-Encoding
Content-Length: 2180
Content-Type: text/html
Last-Modified: Wed, 23 Sep 2015 12:29:57 GMT
...2180 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thehdgu.com
Referer: http://www.google.com/search?q=thehdgu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thehdgu.com
Referer: http://www.google.com/search?q=thehdgu.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thehdgu.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thehdgu.com/
Result: thehdgu.com is not infected or malware details are not published yet.
Result: thehdgu.com is not infected or malware details are not published yet.