Scanned pages/files
Request | Server response | Status |
http://jayeshsaving.com/ | 200 OK Content-Length: 11766 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ~[+]~ Hacked By W@X V@MP!R3 ~[+]~ <html><head><title>~[+]~ Hacked By W@X V@MP!R3 ~[+]~</title><style type="text/css">body {background-color:#000000;color:#FFFFFF;magin:0px;padding:0px;font-family:Trebuchet MS;cursor:url("http://cur.cursors-4u.net/cursors/cur-11/cur1027.ani");}</style><script>var s1='http://s7.directupload.net/images/130206/yl4rmgvc.swf';
var s2='http://syriab-bd.hak.su/KinGoFConTroL.swf'; var r=Math.floor(Math.random() * (3-1))+1; document.write('<e ...[13199 bytes skipped]... | ||
http://jayeshsaving.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 21 May 2015 22:03:55 GMT Location: http://meddelivery24.com/ Server: Apache Content-Length: 275 Content-Type: text/html; charset=iso-8859-1 | clean |
http://meddelivery24.com/ | HTTP/1.1 302 Found Connection: Keep-Alive Date: Thu, 21 May 2015 22:03:55 GMT Location: http://ww7.meddelivery24.com Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Keep-Alive: timeout=5, max=97 Set-Cookie: gvc=911vr1797914354009461; expires=Tue, 19-May-2020 22:03:55 GMT; path=/; domain=meddelivery24.com; httponly | clean |
http://ww7.meddelivery24.com/ | 200 OK Content-Length: 7874 Content-Type: text/html | clean |
http://d32ffatx74qnju.cloudfront.net/scripts/js3caf.js | 200 OK Content-Length: 4191 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jayeshsaving.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 May 2015 22:03:54 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: jayeshsaving.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 May 2015 22:03:54 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: jayeshsaving.com
Referer: http://www.google.com/search?q=jayeshsaving.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jayeshsaving.com
Referer: http://www.google.com/search?q=jayeshsaving.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jayeshsaving.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jayeshsaving.com/
Result: jayeshsaving.com is not infected or malware details are not published yet.
Result: jayeshsaving.com is not infected or malware details are not published yet.