Scanned pages/files
Request | Server response | Status |
http://hillapex.com/ | 200 OK Content-Length: 41673 Content-Type: text/html | clean |
http://hillapex.com/javascript/jquery.min.js | 200 OK Content-Length: 85924 Content-Type: application/javascript | clean |
http://hillapex.com/javascript/slider/jquery.slider.min.js | 200 OK Content-Length: 35870 Content-Type: application/javascript | clean |
http://hillapex.com/lib/jquery.jcarousel.min.js | 200 OK Content-Length: 15956 Content-Type: application/javascript | clean |
http://hillapex.com/index.php | 200 OK Content-Length: 41673 Content-Type: text/html | clean |
http://hillapex.com/about.php | 200 OK Content-Length: 39969 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by ...[45351 bytes skipped]... gt; </tr> </table></td> </tr> <tr> <td align="center" valign="top"> <table width="97%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> </td> </tr> <tr> <td align="left" valign="top" class="graytxt"> <font size="7">hacked by <font color="#FF0000">Naji</font></font><br></td> </tr> <tr> <td> </td> </tr> </table></td> </tr> </table> </td> </tr> </table></td> </tr> <tr> <td><img src="img/main-3.png" width="995" height="11" /></td>< ...[1298 bytes skipped]... | ||
http://hillapex.com/basket.php | 200 OK Content-Length: 40719 Content-Type: text/html | clean |
http://hillapex.com/products.php | 200 OK Content-Length: 136642 Content-Type: text/html | clean |
http://hillapex.com/pdetail.php?IDZ=203-0-0-0-100 | 200 OK Content-Length: 46110 Content-Type: text/html | clean |
http://hillapex.com/contacts.php | 200 OK Content-Length: 42539 Content-Type: text/html | clean |
http://hillapex.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://hillapex.com/pdetail.php?IDZ=204-0-0-0-100 | 200 OK Content-Length: 46095 Content-Type: text/html | clean |
http://hillapex.com/pdetail.php?IDZ=205-0-0-0-100 | 200 OK Content-Length: 46106 Content-Type: text/html | clean |
http://hillapex.com/pdetail.php?IDZ=206-0-0-0-100 | 200 OK Content-Length: 46121 Content-Type: text/html | clean |
http://hillapex.com/pdetail.php?IDZ=207-0-0-0-100 | 200 OK Content-Length: 46158 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hillapex.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 11 Jul 2015 05:19:02 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0b16b52c24ce795cb147dd4d7e47c6f5; path=/
X-Powered-By: PHP/5.4.40
GET / HTTP/1.1
Host: hillapex.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 11 Jul 2015 05:19:02 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0b16b52c24ce795cb147dd4d7e47c6f5; path=/
X-Powered-By: PHP/5.4.40
Second query (visit from search engine):
GET / HTTP/1.1
Host: hillapex.com
Referer: http://www.google.com/search?q=hillapex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hillapex.com
Referer: http://www.google.com/search?q=hillapex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hillapex.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hillapex.com/
Result: hillapex.com is not infected or malware details are not published yet.
Result: hillapex.com is not infected or malware details are not published yet.