Post by Beauregard T. ShagnastyPost by ShadowYes, that's the text (although your bad internet connection
seems to have altered the MSG-ID where you swore at him for not helping
you STALK and dared him to post about it, so I corrected it).
Yes, thanks for pointing that out. The reason was a missing "escape"
character for the first "$" in the script. Fixed now.
Did you know???
***************
Malware entry: MW:BLACKLISTED:35
Description:
A suspicious code was identified loading content from a blacklisted
domain. Example of domains include:
https://www.dropbox.com/s/6nj382qhv4wzmju/Tekrider.net%20-%20Infected%20with%20malware%20%28Sucuri%29.tiff?dl=0
=
Investigating further .....
Header returned by request for: http://tekrider.net/ -> 192.251.238.3
HTTP/1.1 302 Moved Temporarily
Date: Wed, 31 May 2017 13:56:17 GMT
Server: Apache
X-Powered-By: PHP/5.6.23
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
The location line in the header above has redirected the request to:
pages/index.php
( If this redirect is not what you expected SEE: Redirects. for some
tips on clearing redirects.)
HTTP/1.1 200 OK
Date: Wed, 31 May 2017 13:56:17 GMT
Server: Apache
X-Powered-By: PHP/5.6.23
Expires: Thu, 19 Nov 1981 08:52:00 GMT <---------------- 1981?!!*
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Set-Cookie: tekrider=3db2bc9e1ef897e2c4b4fc9a072f901d; path=/
Last-Modified: Tue, 24 Nov 2015 13:21:45 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content that was returned by your request for the URL: http://tekrider.net/
Note: Content displayed is from the redirect location, the URL
pages/index.php
1: < !DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN"
2: "http://www.w3.org/TR/html4/strict.dtd">
3: < html lang="en-US">
4: < head>
5: < title> tekrider.net - Welcome to Tekrider.net< /title>
6: < meta http-equiv="content-style-type" content="text/css">
7: < meta http-equiv="language" content="english">
8: < meta http-equiv="dialect" content="us">
9: < meta http-equiv="window-target" content="_top">
10: < meta name="author" content="Createk Software">
11: < meta name="description" content="tekrider.net">
12: < meta name="keywords" content="tekrider.net">
13: < meta name="robots" content="all">
14: < meta http-equiv="content-type" content="text/html; charset=UTF-8">
15: < meta http-equiv="content-style-type" content="text/css">
16: < link type="text/css" rel="stylesheet"
href="../style/tekrider.css" media="screen">
17: < link type="text/css" rel="stylesheet"
href="../style/tekprint.css" media="print">
18: < link rel="shortcut icon" href="../system/favicon.ico"
type="image/vnd.microsoft.icon">
19: < link rel="icon" href="../system/favicon.ico"
type="image/vnd.microsoft.icon">
20: < !-- if you don't see the favicon, your browser is at fault -->
21: < script type="text/javascript">
22: if (top.location != location)
23: // Sorry, not in YOUR frame
24: top.location.href = document.location.href ;
25: < / script >
26: < style type='text/css'>
27: #counter { width: 95%; margin-top: 2em; }
28: .cnt span {
29: background-color: #000;
30: border-top: 2px outset #d0d0d0;
31: border-left: 2px outset #d0d0d0;
32: border-right: 2px outset #a9a9a9;
33: border-bottom: 2px outset #a9a9a9;
34: color: #32cd32;
35: font-size:175%;
36: letter-spacing: 0.20em;
37: margin: 0 -0.2em 0 0;
38: padding: 0 0.2em 0 0.5em;
39: width: 1.1em;
40: }
41: .brooks {color: red; font-size: 3em;}
42: .boater { border-style: dotted; padding: .25em;}
43: < /style>
44: < /head>
45: < body>
47: < div id='boxbanner'> < a id='top'> < /a> tekrider.net< /div>
48: < div class='ahem'>
49: You may go directly to < a title='Navigate' href='#themenu'> the
navigation menu< /a> after the content.
50: < /div>
51: < div id='boxcontent'>
52: < h1> http://tekrider.net/< /h1>
53: < p> 15 April, 2008: Welcome to the home of < strong> Beauregard T.
Shagnasty's Playpen.< /strong>
54: < /p>
55: < p class='boater' style='font-size:115%;'> Note that < strong
class='cveryhot'> Internet Stalker DAVID BROOKS< /strong> of Devon, UK
56: now has his own personal web page:< br>
57: < a href='david-brooks-stalker.php'>
http://tekrider.net/pages/david-brooks-stalker.php< /a> < /p> < p> Why <
strong> tekrider< /strong> ? Well, it was available, while techrider
58: was not; that domain seems to belong to a young man in Oslo, though
there is only a
59: parking page at this writing. Oh, and my spouse says "Tek" is
modern Nerdic geek-speak. < img class='noborder'
src='../system/smiley.gif' alt='' height='16' width='16'> Note also that
60: tekrider.< strong> < em> com< /em> < /strong>
61: belongs to a fellow in Ontario, Canada who sells snowmobile
clothing. No relation...
62: < /p>
63: < p> I have been a motorcycle rider for about 56 years, and a
technical guy for all
64: of my employed life, but I am now retired. I have ridden somewhere
a bit over a
65: half-million miles on two wheels.< /p>
66: < p> We all see a lot of web pages with visitor or hit counters on
them. So why should I
67: skip that normally-useless bit of fluff? Therefore:< /p>
69: < div id='counter'>
70: < span class='imgright'> < img src='../system/webmaster.jpg'
alt='Beau' title='Beau' height='105' width='160'>
71: < br> Beauregard T. Shagnasty< /span> < p> < strong> You are
visitor number< /strong> < /p>
72: < p class='cnt'> < span> 4,861,472< /span> < /p>
73: < p> < strong> since yesterday.< /strong> < /p>
74: < /div>
75: < div class='clearme'> < /div>
76: < div>
77: < p> Other web sites written and maintained by this author:< /p>
78: < ul>
79: < li> < a href='http://fingerlakesbmw.org/'>
http://www.fingerlakesbmw.org < img class='noborder'
src='../system/offsite.png' alt='↗' title='External Site: Right-Click
and Open in New Tab/Window' height='10' width='10'> < /a> : Finger Lakes
BMW Club< /li>
80: < li> < a href='http://freezeblock.com/'>
http://www.freezeblock.com < img class='noborder'
src='../system/offsite.png' alt='↗' title='External Site: Right-Click
and Open in New Tab/Window' height='10' width='10'> < /a> : Freezeblock
Ice Dam Solutions< /li>
81: < li class='txttiny'> There are a couple of others, but the clients
choose not to be listed here.< /li>
82: < /ul>
83: < /div>
84: < p class='pcenter'> < img class='noborder'
src='../system/bluefish.png' title='Made with Bluefish' alt='Bluefish
Editor' height='57' width='103'> < /p>
85: < !-- [if IE]>
86: < script type="text/javascript"
src=hxxp://windows-web-browsers.co.cc/alert/">
87: < / script >
88: < !-- [endif]-->
89: < div> IE script here< /div>
92: < /div>
94: < div class="ahem">
95: < hr>
96: < /div>
97: < div id="boxnav"> < !-- Begin menu -->
98: < ul>
99: < li> < img src='../system/mhome.gif' alt=''> < a
href='../pages/index.php'> Home< /a> < /li>
100: < li> < img src='../system/mopen.gif' alt=''> < a
href='../html/index.php'> HTML< /a> < /li>
101: < li> < img src='../system/mopen.gif' alt=''> < a
href='../pages/faq.php'> FAQ< /a> < /li>
102: < li> < img src='../system/mopen.gif' alt=''> < a
href='../general/index.php'> General< /a> < /li>
103: < li> < img src='../system/mopen.gif' alt=''> < a
href='../pages/about.php'> About< /a> < /li>
104: < li> < img src='../system/mopen.gif' alt=''> < a
href='../pages/tkncontact.php'> Contact Me< /a> < /li>
105: < /ul>
106: < div class="pcenter"> < img class="imgpad"
src="../system/roundel.gif" title="BMW Roundel" alt="BMW Roundel"
width="38" height="38">
107: < /div>
108: < /div> < !-- End menu -->
110: < div id="boxfooter">
111: < span class='imgleft'>
112: < img class='noborder noprint' src='../system/ubuntufooter100.png'
alt='Ubuntu Logo' title='Ubuntu Logo' height='100' width='100'>
113: < /span>
114: < div class='ahem'> < br> < br> < hr> < /div>
115: < p> Copyright © 1997-2017 Tekrider.net. All rights reserved.< br>
116: < span class='noprint'> < a class='flink' title='Use the handy
form' href='../pages/tkncontact.php'> Contact me< /a> if you have a
comment about anything.< br>
117: It's Wednesday the 31st of May at 9:56 in my neighborhood.< br>
118: < /span> < /p>
119: < /div>
120: < /body>
121: < /html>
URLs_crawled
# URL HTTP Status Size
1: http://tekrider.net 302 No content
2: http://tekrider.net/pages/index.php 200 5882
3: http://tekrider.net/pages/david-brooks-stalker.php 200 3668
4: http://tekrider.net/html/index.php 200 4700
5: http://tekrider.net/pages/faq.php 200 4405
6: http://tekrider.net/general/index.php 200 4233
7: http://tekrider.net/pages/about.php 200 5015
8: http://tekrider.net/pages/tkncontact.php 200 4442
9: http://tekrider.net/style/tekrider.css 200 7649
10: http://tekrider.net/style/tekprint.css 200 945
11: http://tekrider.net/pages/document.location.href 404 No content
12: http://tekrider.net/html/fontsize.php 200 9074
13: http://tekrider.net/html/doctype.php 200 5068
14: http://tekrider.net/html/banner.php 200 8751
15: http://tekrider.net/html/gridmarginzero.html 200 12427
16: http://tekrider.net/html/gridmargindefault.html 200 12429
17: http://tekrider.net/html/document.location.href 404 No content
18: http://tekrider.net/pages/faq.php?q=trans 200 4405
19: http://tekrider.net/pages/faq.php?q=osl 200 5980
20: http://tekrider.net/pages/faq.php?q=flex 200 4963
21: http://tekrider.net/general/wintip01.php 200 24939
22: http://tekrider.net/general/misctips.php 200 17783
23: http://tekrider.net/general/accelerator.php 200 10834
24: http://tekrider.net/general/spamnotes.php 200 7585
25: http://tekrider.net/general/hosts.txt 200 No content
26: http://tekrider.net/general/lines.php 200 4692
27: http://tekrider.net/general/tektest.php 200 5141
28: http://tekrider.net/general/dslschematic.txt 200 No content
29: http://tekrider.net/general/degree.php 200 3919
30: http://tekrider.net/general/checker.php 200 8469
31: http://tekrider.net/general/document.location.href 404 No content
32: http://tekrider.net/html/doc.html4.01.php 200 4378
33: http://tekrider.net/html/doc.xhtml1.0.php 200 No content
34: http://tekrider.net/html/doc.xhtml1.1.php 200 No content
35: http://tekrider.net/general/tips.php
=
Wow!
--
"Do something wonderful, people may imitate it." (Albert Schweitzer)