Scanned pages/files
Request | Server response | Status |
http://jardin.com.ua/ | 200 OK Content-Length: 61984 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by nofawkX-al ...[808 bytes skipped]... /> <meta name="viewport" content="width=device-width; initial-scale=0.85; maximum-scale=0.85; user-scalable=0;" /> <link rel="shortcut icon" href="http://jardin.com.ua/sites/all/themes/jardin2/favicon.ico" type="image/vnd.microsoft.icon" /> <meta name="generator" content="Drupal 7 (http://drupal.org)" /> <link rel="canonical" href="http://jardin.com.ua/" /> <title>hacked by nofawkX-al</title> <style type="text/css" media="all">@import url("http://jardin.com.ua/modules/system/system.base.css?njieta"); @import url("http://jardin.com.ua/modules/system/system.menus.css?njieta"); @import url("http://jardin.com.ua/modules/system/system.messages.css?njieta"); @import url("http://jardin.com.ua/modules/system/system.theme.css?njieta");</style> <style type="text/css" media="all">@import url("http://jardin.com.ua/mod ...[71663 bytes skipped]... | ||
http://jardin.com.ua/sites/all/modules/jquery_update/replace/jquery/jquery.min.js?v=1.5.2 | 200 OK Content-Length: 85925 Content-Type: application/javascript | clean |
http://jardin.com.ua/misc/jquery.once.js?v=1.2 | 200 OK Content-Length: 2974 Content-Type: application/javascript | clean |
http://jardin.com.ua/misc/drupal.js?njieta | 200 OK Content-Length: 13852 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/modules/jquery_update/replace/ui/external/jquery.cookie.js?v=67fb34f6a866c40d0570 | 200 OK Content-Length: 3655 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/modules/jquery_update/replace/misc/jquery.form.js?v=2.67 | 200 OK Content-Length: 10560 Content-Type: application/javascript | clean |
http://jardin.com.ua/misc/ajax.js?v=7.12 | 200 OK Content-Length: 22510 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/default/files/languages/ru_dHdEN1QQWxB641BgQePtyIROIc_FeXNKQKmpmCvsgcA.js?njieta | 200 OK Content-Length: 4587 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/modules/lightbox2/js/lightbox.js?1437672665 | 200 OK Content-Length: 45178 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/modules/views/js/base.js?njieta | 200 OK Content-Length: 3098 Content-Type: application/javascript | clean |
http://jardin.com.ua/misc/progress.js?v=7.12 | 200 OK Content-Length: 3112 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/modules/views/js/ajax_view.js?njieta | 200 OK Content-Length: 4678 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/themes/jardin2/js/mootools-1.2.3-core.js?njieta | 200 OK Content-Length: 100240 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/themes/jardin2/js/mootools-1.2.3.1-more.js?njieta | 200 OK Content-Length: 142698 Content-Type: application/javascript | clean |
http://jardin.com.ua/sites/all/themes/jardin2/js/moosized.1.0.js?njieta | 200 OK Content-Length: 3939 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jardin.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: public, max-age=43200
Connection: close
Date: Thu, 23 Jul 2015 19:36:07 GMT
ETag: "1437672665-0"
Server: nginx/1.8.0
Vary: Cookie,Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 23 Jul 2015 17:31:05 +0000
Link: <http://jardin.com.ua/>; rel="canonical"
X-Drupal-Cache: HIT
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.2.6-1+lenny16
GET / HTTP/1.1
Host: jardin.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: public, max-age=43200
Connection: close
Date: Thu, 23 Jul 2015 19:36:07 GMT
ETag: "1437672665-0"
Server: nginx/1.8.0
Vary: Cookie,Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Thu, 23 Jul 2015 17:31:05 +0000
Link: <http://jardin.com.ua/>; rel="canonical"
X-Drupal-Cache: HIT
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.2.6-1+lenny16
Second query (visit from search engine):
GET / HTTP/1.1
Host: jardin.com.ua
Referer: http://www.google.com/search?q=jardin.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jardin.com.ua
Referer: http://www.google.com/search?q=jardin.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jardin.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jardin.com.ua/
Result: jardin.com.ua is not infected or malware details are not published yet.
Result: jardin.com.ua is not infected or malware details are not published yet.