Scanned pages/files
| Request | Server response | Status |
http://www.haachuza.com/ | 200 OK Content-Length: 14709 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[7342 bytes skipped]... <div class="div_h1"><h1 style="color: #150d0b;" title="">×××××× - ××£ ×××ת</h1></div> <div class="line_h" style="background-color: #150d0b;" > </div> <div class="div_content"><h1 class="example2" style="text-align: center;"><span style="font-family: 'arial black', 'avant garde'; font-size: 36px; color: #ff0000;">Hacked By <span style="text-decoration: underline;"><strong>Fallaga Team</strong></span></span></h1></div> <div class="div_space_hor_30"></div> </div> <div class="div_page_left"> <div class="div_h4"><h4 style="color: #150d0b;" title="">Hacked By Fallaga Team</h4></div> <div class="line_h" style="background-color: #1 ...[9335 bytes skipped]... | ||
http://haachuza.com/jquery/jquery-1.9.1.min.js | 200 OK Content-Length: 92629 Content-Type: application/x-javascript | clean |
http://haachuza.com/he/js/script.js?ver=03.02.2014 | 200 OK Content-Length: 8557 Content-Type: application/x-javascript | clean |
http://haachuza.com/jquery/jquery.bxslider/jquery.bxslider.min.js | 200 OK Content-Length: 19125 Content-Type: application/x-javascript | clean |
https://www.nofshim.co.il/nofashim.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 17 Apr 2015 08:01:20 GMT Location: http://www.nofshim.co.il/nofashim.js Server: Apache Vary: Accept-Encoding Content-Length: 312 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.nofshim.co.il/nofashim.js | 200 OK Content-Length: 8741 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?sensor=false&language=iw | 200 OK Content-Length: 4334 Content-Type: text/javascript | clean |
http://www.haachuza.com/ilogin | HTTP/1.1 301 Moved Permanently Date: Fri, 17 Apr 2015 08:01:20 GMT Location: http://www.haachuza.com/ilogin/ Server: Microsoft-IIS/7.5 Content-Length: 154 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://www.haachuza.com/ilogin/ | 200 OK Content-Length: 1644 Content-Type: text/html | clean |
http://www.haachuza.com/ilogin/jquery.js | 200 OK Content-Length: 93867 Content-Type: application/x-javascript | clean |
http://www.haachuza.com/login.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://www.haachuza.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: haachuza.com
Result:
GET / HTTP/1.1
Host: haachuza.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: haachuza.com
Referer: http://www.google.com/search?q=haachuza.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: haachuza.com
Referer: http://www.google.com/search?q=haachuza.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=haachuza.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://haachuza.com/
Result: haachuza.com is not infected or malware details are not published yet.
Result: haachuza.com is not infected or malware details are not published yet.