Scanned pages/files
Request | Server response | Status |
http://chefs-eg.com/ | 200 OK Content-Length: 12435 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Pharaoh - Egyptian Shell Team ...[461 bytes skipped]... br/>} } } if (document.layers){ document.captureEvents(Event.MOUSEDOWN); document.onmousedown=clickNS4; } else if (document.all&&!document.getElementById){ document.onmousedown=clickIE4; } document.oncontextmenu=new Function("alert(message);return false") // --> </script> <head> <title> Hacked By Pharaoh - Egyptian Shell Team </title> <script> <!--Egyptian Shell Team - Pharaoh--> var text= new Array( "Welcome", "Site Defacer :: Pharaoh", "Site Down !", "Msh 3aref a2olkm eh el sr7a", "El E5tark Dh Lel Tslya Msh Aktr :P :P", "w Asehl Meno Mafesh Elsr7a Sho8l 5 D2e2 Kda Fe El Sare3 :P", "Mtnsosh Tezrona http://facebook.com/egyshell", "Pharaoh Ba ...[13188 bytes skipped]... | ||
http://chefs-eg.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chefs-eg.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Dec 2015 05:39:39 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.34
GET / HTTP/1.1
Host: chefs-eg.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Dec 2015 05:39:39 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.34
Second query (visit from search engine):
GET / HTTP/1.1
Host: chefs-eg.com
Referer: http://www.google.com/search?q=chefs-eg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: chefs-eg.com
Referer: http://www.google.com/search?q=chefs-eg.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chefs-eg.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://chefs-eg.com/
Result: chefs-eg.com is not infected or malware details are not published yet.
Result: chefs-eg.com is not infected or malware details are not published yet.