Scanned pages/files
| Request | Server response | Status |
http://farmaciamercedes.co.cr/ | 200 OK Content-Length: 42565 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !--Hacked by -- <!--Hacked by -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html prefix="og: http://ogp.me/ns#" xmlns="http://www.w3.org/1999/xhtml" xml:lang="es-es" lang="es-es" > <head> <!--===============FreiChatX========START========================--> <!-- For uninstalling ME , first remove/comment all FreiChatX related code i.e ...[51568 bytes skipped]... | ||
http://farmaciamercedes.co.cr/freichat/client/main.php?id=b43a44656a81dae68c3fa61db33961c9&xhash=57fa6a591451ec4fab93b2f60b4a122b | 200 OK Content-Length: 302211 Content-Type: application/x-javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js | 200 OK Content-Length: 96381 Content-Type: text/javascript | clean |
https://ajax.aspnetcdn.com/ajax/jquery.migrate/jquery-migrate-1.2.1.min.js | 200 OK Content-Length: 7203 Content-Type: application/x-javascript | clean |
http://farmaciamercedes.co.cr/plugins/system/jqueryeasy/jquerynoconflict.js | 200 OK Content-Length: 20 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/media/system/js/mootools-core.js | 200 OK Content-Length: 83893 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/media/system/js/core.js | 200 OK Content-Length: 4104 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/media/jui/js/bootstrap.min.js | 200 OK Content-Length: 29156 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/components/com_k2/js/k2.js?v2.6.7&sitepath=/ | 200 OK Content-Length: 8007 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/plugins/system/joomsharebarpro/joomsharebarpro/js/jsb.min.js | 200 OK Content-Length: 4193 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/plugins/system/joomsharebarpro/joomsharebarpro/socialite/socialite_new.min.js | 200 OK Content-Length: 10731 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/media/com_acymailing/js/acymailing_module.js?v=480 | 200 OK Content-Length: 14413 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/templates/farmacia_mercedes/js/zebra_datepicker.js | 200 OK Content-Length: 21889 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/templates/farmacia_mercedes/js/jquery.hjt.navv.js | 200 OK Content-Length: 1064 Content-Type: application/javascript | clean |
http://farmaciamercedes.co.cr/templates/farmacia_mercedes/js/tinynav.min.js | 200 OK Content-Length: 833 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: farmaciamercedes.co.cr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 13:44:33 GMT
Server: Apache/2.4.12
Content-Type: text/html
X-Powered-By: PHP/5.4.43
GET / HTTP/1.1
Host: farmaciamercedes.co.cr
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Dec 2015 13:44:33 GMT
Server: Apache/2.4.12
Content-Type: text/html
X-Powered-By: PHP/5.4.43
Second query (visit from search engine):
GET / HTTP/1.1
Host: farmaciamercedes.co.cr
Referer: http://www.google.com/search?q=farmaciamercedes.co.cr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: farmaciamercedes.co.cr
Referer: http://www.google.com/search?q=farmaciamercedes.co.cr
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=farmaciamercedes.co.cr
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://farmaciamercedes.co.cr/
Result: farmaciamercedes.co.cr is not infected or malware details are not published yet.
Result: farmaciamercedes.co.cr is not infected or malware details are not published yet.