Scanned pages/files
Request | Server response | Status |
http://wrzalka.pl/ | 200 OK Content-Length: 5008 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Jordan Ghost <html>
<head> <title> Hacked by Jordan Ghost </title> <meta name="description" content="Mafia Team!"> <meta name="keywords" content="Hacked by Jordan Ghost & Omar Root, Jordan Ghost & Omar Root, AHT CREW, Jordan Ghost & Omar Root, "> <link rel='stylesheet' id='validate-engine-css-css' href='http://www.esbrainoise.be/wp-content/plugins/wysija-newsletters/css/validationEngine.jquery.css' type='text/css' media='all' /> ...[5430 bytes skipped]... | ||
http://www.esbrainoise.be/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js | 404 Not Found Content-Length: 40014 Content-Type: text/html | clean |
http://www.esbrainoise.be/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/contact-form-7/includes/js/scripts.js | 200 OK Content-Length: 9658 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/google-calendar-events/js/jquery-qtip.js | 200 OK Content-Length: 38442 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/google-calendar-events/js/gce-script.js | 200 OK Content-Length: 3639 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-fr.js | 200 OK Content-Length: 7847 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js | 200 OK Content-Length: 71745 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/wysija-newsletters/js/front-subscribers.js | 200 OK Content-Length: 3171 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.6.pack.js | 200 OK Content-Length: 16645 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/easy-fancybox/jquery.easing.pack.js | 200 OK Content-Length: 3649 Content-Type: application/javascript | clean |
http://www.esbrainoise.be/wp-content/plugins/easy-fancybox/jquery.mousewheel.pack.js | 200 OK Content-Length: 1759 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wrzalka.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 05:57:27 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.9
GET / HTTP/1.1
Host: wrzalka.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 13 Oct 2014 05:57:27 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.9
Second query (visit from search engine):
GET / HTTP/1.1
Host: wrzalka.pl
Referer: http://www.google.com/search?q=wrzalka.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wrzalka.pl
Referer: http://www.google.com/search?q=wrzalka.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wrzalka.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wrzalka.pl/
Result: wrzalka.pl is not infected or malware details are not published yet.
Result: wrzalka.pl is not infected or malware details are not published yet.