Scanned pages/files
Request | Server response | Status |
http://jamnetinc.com/ | 200 OK Content-Length: 7535 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By اَرَهَاَبَيَ   <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head> <style> body { scrollbar-3dlight-color: #FFFFFF; scrollbar-arrow-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-face-color: #000000; scrollbar-highlight-color: #FFFFFF; scrollbar-shadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF} DIV { FONT-FAMILY: arial,sans-serif } .med { PADDIN ...[8721 bytes skipped]... | ||
http://jamnetinc.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Mon, 11 Aug 2014 04:43:19 GMT Location: http://11oo12.pp.ua Server: Apache Content-Length: 203 Content-Type: text/html; charset=iso-8859-1 | clean |
http://11oo12.pp.ua/ | HTTP/1.1 302 Found Connection: close Date: Mon, 11 Aug 2014 04:42:33 GMT Location: http://mobile.juicyads.com/service_redirect.php?p=28321&s=63810&u=http://for-you-porn.pw/readme.html Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.3-7+squeeze14 | clean |
http://mobile.juicyads.com/service_redirect.php?p=28321&s=63810&u=http://for-you-porn.pw/readme.html | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 11 Aug 2014 04:43:20 GMT Location: http://for-you-porn.pw/readme.html Server: nginx Content-Type: text/html Set-Cookie: juicynomobile=1; expires=Thu, 14-Aug-2014 04:43:20 GMT; Max-Age=259200 Set-Cookie: incap_ses_108_162936=qm3vBdYDp1QzUVRxnrF/AehJ6FMAAAAAbP9PSDt2G2XLkerQLUZ8lA==; path=/; Domain=.juicyads.com Set-Cookie: ___utmvmlcuXcMF=WGLcEMuPQvf; path=/; Max-Age=900 Set-Cookie: ___utmvalcuXcMF=wsSuNQw; path=/; Max-Age=900 Set-Cookie: ___utmvblcuXcMF=iZg XkpOyalV: ztm; path=/; Max-Age=900 Set-Cookie: visid_incap_162936=MNpQ0VoqRHazttRQ4cO/cOhJ6FMAAAAAQUIPAAAAAAAfq+ZSHorRWUd6Hczofdvi; expires=Tue, 09 Aug 2016 15:52:03 GMT; path=/; Domain=.juicyads.com Set-Cookie: nlbi_162936=CwFJDUYhN3VBCNUoKQMS0gAAAADBeFuoUbw/6ujqb05jrZ6H; path=/; Domain=.juicyads.com X-CDN: Incapsula X-Iinfo: 5-129238984-129238985 NNNY CT(125 -1 0) RT(1407732200050 0) q(0 0 1 0) r(4 4) U9 X-Powered-By: PHP/5.5.7 | clean |
http://for-you-porn.pw/readme.html | 200 OK Content-Length: 4640 Content-Type: text/html | clean |
http://for-you-porn.pw/jquery.js | HTTP/1.1 302 Found Connection: close Date: Mon, 11 Aug 2014 04:42:34 GMT Location: http://for-you-porn.pw Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 | clean |
http://for-you-porn.pw/ | 200 OK Content-Length: 88642 Content-Type: text/html | clean |
http://for-you-porn.pw/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://for-you-porn.pw/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://for-you-porn.pw/wp-content/themes/twentytwelve/js/navigation.js?ver=20140318 | 200 OK Content-Length: 1168 Content-Type: application/javascript | clean |
http://for-you-porn.pw/?page_id=2 | 200 OK Content-Length: 12213 Content-Type: text/html | clean |
http://for-you-porn.pw/wp-includes/js/comment-reply.min.js?ver=3.9.2 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://for-you-porn.pw/sofdown.php?key=PDF | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 11 Aug 2014 04:42:37 GMT Location: http://www.downloadthesefiles.com/newdownload/?ci=9765&q=PDF Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.3-7+squeeze14 | clean |
http://www.downloadthesefiles.com/newdownload/?ci=9765&q=pdf | 200 OK Content-Length: 9616 Content-Type: text/html | clean |
http://www.downloadthesefiles.com/LPfiles/js/jquery.js | 200 OK Content-Length: 94840 Content-Type: text/html | clean |
http://www.downloadthesefiles.com/a | 404 Not Found Content-Length: 291 Content-Type: text/html | clean |
http://www.downloadthesefiles.com/test404page.js | 404 Not Found Content-Length: 304 Content-Type: text/html | clean |
http://www.downloadthesefiles.com/LPfiles/js/ | 403 Forbidden Content-Length: 305 Content-Type: text/html | clean |
http://www.html-manager.net/AMddlT2.js | 200 OK Content-Length: 991 Content-Type: text/html | clean |
http://www.downloadthesefiles.com/LPfiles/js/common2.js | 200 OK Content-Length: 10925 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jamnetinc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 11 Aug 2014 04:43:18 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 7535
Content-Type: text/html
Last-Modified: Fri, 07 Feb 2014 07:57:37 GMT
...7535 bytes of data.
GET / HTTP/1.1
Host: jamnetinc.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 11 Aug 2014 04:43:18 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 7535
Content-Type: text/html
Last-Modified: Fri, 07 Feb 2014 07:57:37 GMT
...7535 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jamnetinc.com
Referer: http://www.google.com/search?q=jamnetinc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jamnetinc.com
Referer: http://www.google.com/search?q=jamnetinc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jamnetinc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jamnetinc.com/
Result: jamnetinc.com is not infected or malware details are not published yet.
Result: jamnetinc.com is not infected or malware details are not published yet.