Scanned pages/files
Request | Server response | Status |
http://goris.am/ | 200 OK Content-Length: 60374 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY AYYILDIZ TEAM INTERNATIONAL FORCE ...[4145 bytes skipped]... lt;/div> </div> <script type="text/javascript" src="/templates/gorisam/swfobject.js"></script> <div id="art-flash-area"> <div id="art-flash-container"> <link rel="Shortcut Icon" href="http://i.hizliresim.com/e2y0mL.png" type="image/x-icon" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>HACKED BY AYYILDIZ TEAM INTERNATIONAL FORCE</title> <!--âsadece metni degistiriniz â--> <table width="409" height="153" border="0"> <tbody> <tr> <td width="510" height="149"> <h2 align="center" class="style1" style="text-align: center;"><marquee align="middle" scrollamount="1" width="100%" direction="up" scrolldelay="2" style="height: 180px; color: #ffffff; font-size: medium;"> <center> <p class="style3"> ...[72349 bytes skipped]... | ||
http://goris.am/plugins/system/rokbox/rokbox.js | 200 OK Content-Length: 22076 Content-Type: application/x-javascript | clean |
http://goris.am/plugins/system/rokbox/themes/light/rokbox-config.js | 200 OK Content-Length: 2598 Content-Type: application/x-javascript | clean |
http://goris.am/templates/gorisam/jquery.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://goris.am/templates/gorisam/script.js | 200 OK Content-Length: 6452 Content-Type: application/x-javascript | clean |
http://goris.am/templates/gorisam/swfobject.js | 200 OK Content-Length: 10235 Content-Type: application/x-javascript | clean |
http://goris.am/index.php/hy/ads-goris | 200 OK Content-Length: 64797 Content-Type: text/html | clean |
http://goris.am/index.php/hy/b-and-b-in-goris-armenia | 200 OK Content-Length: 46886 Content-Type: text/html | clean |
http://goris.am/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/x-javascript | clean |
http://goris.am/index.php/en/b-and-b-in-goris-armenia | 200 OK Content-Length: 22753 Content-Type: text/html | clean |
http://goris.am/index.php/en/ads | 200 OK Content-Length: 36378 Content-Type: text/html | clean |
http://goris.am/index.php/en/ads/all_ads | 200 OK Content-Length: 26492 Content-Type: text/html | clean |
http://goris.am/index.php/hy/ads-goris/all_ads | 200 OK Content-Length: 54343 Content-Type: text/html | clean |
http://goris.am/index.php/hy/ads-goris/2- | 200 OK Content-Length: 54600 Content-Type: text/html | clean |
http://goris.am/index.php/en/ads/2- | 200 OK Content-Length: 26831 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: goris.am
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Tue, 17 Mar 2015 11:57:11 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Tue, 17 Mar 2015 11:57:11 GMT
Last-Modified: Tue, 17 Mar 2015 11:57:11 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: e80dfe25055d5baefa2e51d913ea381b=71af598f6286c0a22dfd936ff8cc5923; path=/
Set-Cookie: lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: goris.am
Referer: http://www.google.com/search?q=goris.am
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=goris.am
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://goris.am/
Result: goris.am is not infected or malware details are not published yet.