Scanned pages/files
| Request | Server response | Status |
http://jcinfocenter.com/ | 200 OK Content-Length: 2779 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Garuda Cyber Attacker <html> <head> <script src='http://cyber-dc.hol.es/salju.js' type='text/javascript'></script> <title>root@kheren16:~ #</title> <meta content='Hacked by Garuda Cyber Attacker' name='description'/> <meta content='Hacked by Garuda Cyber Attacker' name='keywords'/> <meta content='Hacked by Garuda Cyber Attacker' name='Abstract'/> <link href="http://fonts.googleapis.com/css?family=Share+Tech+Mono" rel="stylesheet" type="text/css"> </head> <style type="text/css"> body {background:black; color:#FFFFFF; text-decoration:no ...[2634 bytes skipped]... | ||
http://cyber-dc.hol.es/salju.js | HTTP/1.1 200 OK Connection: close Date: Fri, 17 Jul 2015 16:25:22 GMT Server: nginx/1.7.11 Vary: Accept-Encoding Content-Type: text/html | clean |
http://www.hostinger.lt/klaida_404 | 200 OK Content-Length: 11736 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js | 200 OK Content-Length: 91556 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/jquery-ui.min.js | 200 OK Content-Length: 201658 Content-Type: text/javascript | clean |
http://cyber-dc.hol.es/js/site.php | HTTP/1.1 200 OK Connection: close Date: Fri, 17 Jul 2015 16:25:23 GMT Server: nginx/1.7.11 Content-Type: text/html; charset=UTF-8 | clean |
http://www.hostinger.lt/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 17 Jul 2015 16:25:24 GMT Location: http://redirect.main-hosting.com/error404.php/XXX Server: Apache Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://redirect.main-hosting.com/error404.php/xxx | HTTP/1.1 200 OK Connection: close Date: Fri, 17 Jul 2015 16:25:24 GMT Server: Apache Content-Length: 157 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.2.17 | clean |
http://www.hostinger.lt/klaida_404? | 200 OK Content-Length: 11736 Content-Type: text/html | clean |
http://www.hostinger.lt/js/site.php | 200 OK Content-Length: 1945 Content-Type: text/html | clean |
http://www.hostinger.lt/js/popup.js | 200 OK Content-Length: 3556 Content-Type: application/javascript | clean |
http://cyber-dc.hol.es/js/popup.js | HTTP/1.1 200 OK Connection: close Date: Fri, 17 Jul 2015 16:25:25 GMT Server: nginx/1.7.11 Vary: Accept-Encoding Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jcinfocenter.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 17 Jul 2015 16:25:21 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.42
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: jcinfocenter.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 17 Jul 2015 16:25:21 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.4.42
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: jcinfocenter.com
Referer: http://www.google.com/search?q=jcinfocenter.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jcinfocenter.com
Referer: http://www.google.com/search?q=jcinfocenter.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jcinfocenter.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jcinfocenter.com/
Result: jcinfocenter.com is not infected or malware details are not published yet.
Result: jcinfocenter.com is not infected or malware details are not published yet.