Scanned pages/files
| Request | Server response | Status |
http://eyebank.com.jo/ | 200 OK Content-Length: 53787 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Challenges HackerS ...[1752 bytes skipped]... r/> <tr> <td id="menu" height="33" align="left" valign="top" > <script type="text/javascript" src="library/var.js"></script> <script language="JavaScript" type="text/javascript"> var RightToLeft=0;var FontFamily="Century Gothic";var MenuTextCentered='left';Menu1 = new Array(" <head> <title>Hacked By Challenges HackerS</title> <meta name="keywords" content="Hacked By Challenges HackerS,sn!per hacker,ml7s hacker,drz3r0 hacker,legend sys"> </head> <body oncontextmenu="return false;" style="background-image: url("http://i1004.photobucket.com/albums/af163/imnu11/openbg.gif"); background-repeat: repeat;" alink="#FFFFFF" bgcolor="black" link="#FFFFFF" vlink="#FFFFFF"> <ce ...[69027 bytes skipped]... | ||
http://eyebank.com.jo/library/login.js | 200 OK Content-Length: 2249 Content-Type: application/javascript | clean |
http://eyebank.com.jo/library/var.js | 200 OK Content-Length: 3804 Content-Type: application/javascript | clean |
http://eyebank.com.jo/library/menu.js | 200 OK Content-Length: 21860 Content-Type: application/javascript | clean |
http://eyebank.com.jo/library/flash.js | 200 OK Content-Length: 531 Content-Type: application/javascript | clean |
http://eyebank.com.jo/index_ar.php | 200 OK Content-Length: 56243 Content-Type: text/html | clean |
http://eyebank.com.jo/index.php | 200 OK Content-Length: 53787 Content-Type: text/html | clean |
http://eyebank.com.jo/doctorsRegisteration.php?reg=1 | 200 OK Content-Length: 42504 Content-Type: text/html | clean |
http://eyebank.com.jo/library/registration.js | 200 OK Content-Length: 2930 Content-Type: application/javascript | clean |
http://eyebank.com.jo/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://eyebank.com.jo/inner.php?type=3&id=1 | 200 OK Content-Length: 41086 Content-Type: text/html | clean |
http://eyebank.com.jo/inner.php?type=3&id=2 | 200 OK Content-Length: 41138 Content-Type: text/html | clean |
http://eyebank.com.jo/inner.php?type=3&id=3 | 200 OK Content-Length: 42317 Content-Type: text/html | clean |
http://eyebank.com.jo/inner.php?type=2&id=13 | 200 OK Content-Length: 45596 Content-Type: text/html | clean |
http://eyebank.com.jo/doner.php | 200 OK Content-Length: 45003 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: eyebank.com.jo
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Jun 2015 17:30:04 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Length: 53787
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c8cc1b0e3ce47dfb9b08d7d32f727775; path=/
X-Cache: HIT from Backend
...53787 bytes of data.
GET / HTTP/1.1
Host: eyebank.com.jo
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Jun 2015 17:30:04 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Length: 53787
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c8cc1b0e3ce47dfb9b08d7d32f727775; path=/
X-Cache: HIT from Backend
...53787 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: eyebank.com.jo
Referer: http://www.google.com/search?q=eyebank.com.jo
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: eyebank.com.jo
Referer: http://www.google.com/search?q=eyebank.com.jo
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=eyebank.com.jo
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eyebank.com.jo/
Result: eyebank.com.jo is not infected or malware details are not published yet.
Result: eyebank.com.jo is not infected or malware details are not published yet.