Scanned pages/files
Request | Server response | Status |
http://jaredburgess.com/ | 200 OK Content-Length: 25897 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Zone_41_DZ ...[3035 bytes skipped]... > // --> </SCRIPT> <!--table depth starts at:0--> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"> <head> <title>Hacked by Zone_41_DZ</title> <link rel="shortcut icon" href="http://www.rugby-guyane.com/data/Image/icone_Warning.jpg"/> <p align="center"> <embed width="1250" height="350" __idm_id__="2738177" wmode="transparent" type="application/x-shockwave-flash" src="https://www.youtube.com/v/JDlcFa594lk&feature=youtu.be&feature=related&autoplay=1"></embed> <link href='http://fonts.googleapis.com/css?family=Orbitron:700' rel='styl ...[28531 bytes skipped]... | ||
http://www.jaredburgess.com/dopopup.js | 200 OK Content-Length: 11661 Content-Type: text/javascript | clean |
http://www.jaredburgess.com/popup_cache.js | 200 OK Content-Length: 706 Content-Type: text/javascript | clean |
http://www.jaredburgess.com/homepopup.js | 200 OK Content-Length: 13345 Content-Type: text/javascript | clean |
http://www.agentpanelgolddb.com/bottommenu/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://jaredburgess.com/custompages_buyers.php | 200 OK Content-Length: 22127 Content-Type: text/html | clean |
http://www.jaredburgess.com/layeredwindow.js | 200 OK Content-Length: 20061 Content-Type: text/javascript | clean |
http://jaredburgess.com/custompages_sellers.php | 200 OK Content-Length: 22400 Content-Type: text/html | clean |
http://jaredburgess.com/test404page.js | 404 Not Found Content-Length: 294 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jaredburgess.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 22:39:43 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 21 Aug 2014 22:39:43 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: PHPSESSID=4jkpthjshqvu92amcjc0rttbk5; path=/
Set-Cookie: CLIENTID41572=deleted; expires=Wed, 21-Aug-2013 22:39:42 GMT; path=/
Set-Cookie: TEMPID41572=350548795; expires=Fri, 21-Aug-2015 22:39:43 GMT; path=/
Set-Cookie: SESSION41572=909128275; path=/
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: jaredburgess.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 21 Aug 2014 22:39:43 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Last-Modified: Thu, 21 Aug 2014 22:39:43 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: PHPSESSID=4jkpthjshqvu92amcjc0rttbk5; path=/
Set-Cookie: CLIENTID41572=deleted; expires=Wed, 21-Aug-2013 22:39:42 GMT; path=/
Set-Cookie: TEMPID41572=350548795; expires=Fri, 21-Aug-2015 22:39:43 GMT; path=/
Set-Cookie: SESSION41572=909128275; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: jaredburgess.com
Referer: http://www.google.com/search?q=jaredburgess.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jaredburgess.com
Referer: http://www.google.com/search?q=jaredburgess.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jaredburgess.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jaredburgess.com/
Result: jaredburgess.com is not infected or malware details are not published yet.
Result: jaredburgess.com is not infected or malware details are not published yet.