Scanned pages/files
Request | Server response | Status |
http://trainhowtojumphigher.com/ | 200 OK Content-Length: 5631 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By PhantomGhost <head> <meta http-equiv="Content-Language" content="en-us"> <title>Hacked By PhantomGhost</title> <script language="JavaScript"> var numraindrops="150"; var speed="5"; var rainsize="2"; var wind="left"; var genxgallery=""; function tb5_makeArray(n){ this.length = n; return this.length; } tb5_messages = new tb5_makeArray(2); tb5_messages[0] = "Hacked by"; tb5_messages[1] = "PhantomGhost"; tb5_rptType = 'infinite'; tb5_rptNbr = 10; ...[5990 bytes skipped]... | ||
http://trainhowtojumphigher.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Tue, 19 Aug 2014 21:59:30 GMT Pragma: no-cache Location: http://www.trainhowtojumphigher.com/test404page.js Server: nginx/1.6.1 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Tue, 19 Aug 2014 21:59:30 GMT Set-Cookie: ocmx_mobile=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ Set-Cookie: ocmx_mobile=normal; path=/ X-Pingback: http://www.trainhowtojumphigher.com/xmlrpc.php | clean |
http://www.trainhowtojumphigher.com/test404page.js | 404 Not Found Content-Length: 28092 Content-Type: text/html | clean |
http://www.trainhowtojumphigher.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-includes/js/jquery/jquery.js?ver=1.6.1 | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-includes/js/jquery/ui.core.js?ver=1.8.12 | 200 OK Content-Length: 4326 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-includes/js/jquery/ui.widget.js?ver=1.8.12 | 200 OK Content-Length: 3274 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-includes/js/jquery/ui.tabs.js?ver=1.8.12 | 200 OK Content-Length: 11632 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/functions/js/shortcodes.js?ver=1 | 200 OK Content-Length: 2482 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/includes/js/superfish.js?ver=3.2.1 | 200 OK Content-Length: 4146 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/includes/js/woo_tabs.js?ver=3.2.1 | 200 OK Content-Length: 1950 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/includes/js/cufon-yui.js?ver=3.2.1 | 200 OK Content-Length: 18266 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/includes/js/Liberation.font.js?ver=3.2.1 | 200 OK Content-Length: 73872 Content-Type: application/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/themes/headlines_enhanced_v2_1/includes/js/loopedSlider.js?ver=3.2.1 | 200 OK Content-Length: 7579 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21183 Content-Type: text/javascript | clean |
http://www.trainhowtojumphigher.com/wp-content/plugins/wp-cumulus/swfobject.js | 200 OK Content-Length: 6088 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trainhowtojumphigher.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 19 Aug 2014 21:59:27 GMT
Accept-Ranges: bytes
Server: nginx/1.6.1
Content-Length: 5631
Content-Type: text/html
Last-Modified: Tue, 15 Apr 2014 02:42:23 GMT
...5631 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: trainhowtojumphigher.com
Referer: http://www.google.com/search?q=trainhowtojumphigher.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trainhowtojumphigher.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trainhowtojumphigher.com/
Result: trainhowtojumphigher.com is not infected or malware details are not published yet.