Scanned pages/files
Request | Server response | Status |
http://webpovar.net/ | 200 OK Content-Length: 75230 Content-Type: text/html | clean |
http://webpovar.net/wp-content/themes/webpovar/scripts/jquery.js | 200 OK Content-Length: 31033 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-content/themes/webpovar/scripts/custom.js | 200 OK Content-Length: 2400 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-content/themes/webpovar/scripts/jquery-1.2.6.min.js | 200 OK Content-Length: 55774 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-content/themes/webpovar/scripts/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-content/themes/webpovar/scripts/coda-slider-condensed.js | 200 OK Content-Length: 5469 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://counter.rambler.ru/top100.jcn?2414569 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://webpovar.net/wp-content/plugins/wp-postratings/postratings-js.js?ver=1.63 | 200 OK Content-Length: 3263 Content-Type: application/x-javascript | clean |
http://webpovar.net/reklama/ | 200 OK Content-Length: 59197 Content-Type: text/html | clean |
http://webpovar.net/wp-includes/js/comment-reply.min.js?ver=3.8.3 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://webpovar.net/dobavit-recept/ | 200 OK Content-Length: 59244 Content-Type: text/html | clean |
http://webpovar.net/feed/ | 200 OK Content-Length: 8799 Content-Type: text/xml | clean |
http://webpovar.net/test404page.js | 404 Not Found Content-Length: 487 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ghost-dz <html>
<head> <meta http-equiv="Content-Language" content="fr"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>ÐиÑего не найдено Ð´Ð»Ñ Test404Page Js</title> </head> <body bgcolor="#000000"> <p align="center"> </p> <p align="center"> </p> <p align="center"><font size="10" color="#FFFFFF">Hacked by ghost-dz</font></p> <p align="center"><font size="10" color="#FF0000">Algerian Hacker</font></p> </body> </html> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: webpovar.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Jun 2014 11:38:12 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C07db8202007dc72df1604280fe41f0bd; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C07db8202007dc72df1604280fe41f0bd; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C5c7e98d1b7d7fbd810bf94f6caa39e4c; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/; httponly
X-Cache: HIT from Backend
X-Pingback: http://webpovar.net/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: webpovar.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 15 Jun 2014 11:38:12 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C07db8202007dc72df1604280fe41f0bd; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C07db8202007dc72df1604280fe41f0bd; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_80992f251a33752808ec05ef4ffa243d=%7C1404041892%7C5c7e98d1b7d7fbd810bf94f6caa39e4c; expires=Sun, 29-Jun-2014 23:38:12 GMT; path=/; httponly
X-Cache: HIT from Backend
X-Pingback: http://webpovar.net/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: webpovar.net
Referer: http://www.google.com/search?q=webpovar.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: webpovar.net
Referer: http://www.google.com/search?q=webpovar.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=webpovar.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://webpovar.net/
Result: webpovar.net is not infected or malware details are not published yet.
Result: webpovar.net is not infected or malware details are not published yet.