Scanned pages/files
Request | Server response | Status |
http://fresnoseniorcareblog.com/ | 200 OK Content-Length: 74421 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ADs charset+AD0-iso-8859-1+ACI /+AD4APA-title+AD4-Hacked by El Moujahidin+ADw-/title+AD4APA-style ty ...[1478 bytes skipped]... CTYPE html PUBLIC +ACI--//W3C//DTD XHTML 1.0 Transitional//EN+ACI +ACI-http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd+ACIAPgA8-html xmlns+AD0AIg-http://www.w3.org/1999/xhtml+ACIAPgA8-meta name+AD0AIgAi content+AD0AIgAi /+AD4APA-meta name+AD0AIg-publisher+ACI content+AD0AIg-MUS4LLAT+ACI /+AD4APA-head+AD4APA-meta http-equiv+AD0AIg-Content-Type+ACI content+AD0AIg-text/html+ADs charset+AD0-iso-8859-1+ACI /+AD4APA-title+AD4-Hacked by El Moujahidin+ADw-/title+AD4APA-style type+AD0AIg-text/css+ACIAPgA8ACE---body,td,th +AHs color: +ACM-CCCCCC+ADsAfQ-body +AHs background-color: +ACM-000000+ADsAfQ.style1 +AHs font-family: tahoma+ADs font-size: 10pt+ADsAfQ.style2 +AHs color: +ACM-FF0000+ADs font-weight: bold+ADsAfQ.style3 +AHs-color: +ACM-FFFFFF+AH0.style7 +AHs-color: +ACM-FFFFFF+ADs font-weight: bold+ADs +AH0.style8 +AHs font-family: tahoma+ADs font-size: 16pt+ADs color: +ACM-FFFFFF+ADsAfQ.style11 +AHs-font ...[80251 bytes skipped]... | ||
http://fresnoseniorcareblog.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-includes/js/jquery/ui/core.min.js | 200 OK Content-Length: 3997 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-includes/js/jquery/ui/widget.min.js | 200 OK Content-Length: 6908 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-includes/js/jquery/ui/accordion.min.js | 200 OK Content-Length: 8585 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-includes/js/jquery/ui/tabs.min.js | 200 OK Content-Length: 12110 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/plugins/gpp-shortcodes/js/gpp_sc_scripts.js | 200 OK Content-Length: 1769 Content-Type: application/javascript | clean |
https://maps.googleapis.com/maps/api/js?sensor=false | 200 OK Content-Length: 4473 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js | 200 OK Content-Length: 228077 Content-Type: text/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/themes/keilir/assets/js/jquery.snippet.min.js | 200 OK Content-Length: 68457 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/themes/keilir/assets/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 12210 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/themes/keilir/assets/js/jquery.timeago.js | 200 OK Content-Length: 5983 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/themes/keilir/assets/js/bootstrap.min.js | 200 OK Content-Length: 19155 Content-Type: application/javascript | clean |
http://fresnoseniorcareblog.com/wp-content/themes/keilir/assets/js/jquery.magnific-popup.js | 200 OK Content-Length: 16062 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fresnoseniorcareblog.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Jun 2015 11:39:01 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=636b2023ea53a6026420becfe11421f8; path=/
X-Pingback: http://fresnoseniorcareblog.com/xmlrpc.php
X-Powered-By: PHP/5.3.24
GET / HTTP/1.1
Host: fresnoseniorcareblog.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 22 Jun 2015 11:39:01 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=636b2023ea53a6026420becfe11421f8; path=/
X-Pingback: http://fresnoseniorcareblog.com/xmlrpc.php
X-Powered-By: PHP/5.3.24
Second query (visit from search engine):
GET / HTTP/1.1
Host: fresnoseniorcareblog.com
Referer: http://www.google.com/search?q=fresnoseniorcareblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fresnoseniorcareblog.com
Referer: http://www.google.com/search?q=fresnoseniorcareblog.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fresnoseniorcareblog.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fresnoseniorcareblog.com/
Result: fresnoseniorcareblog.com is not infected or malware details are not published yet.
Result: fresnoseniorcareblog.com is not infected or malware details are not published yet.