Scanned pages/files
Request | Server response | Status |
http://jcrpersianas.com.br/ | 200 OK Content-Length: 9411 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By XBaha Hacker ...[676 bytes skipped]... e="text/javascript" src="js/jquery-1.7.1.min.js"></script> <script type="text/javascript" src="js/jquery.nivo.slider.pack.js"></script> <script type="text/javascript"> $(window).load(function() { $('#slider').nivoSlider({ animSpeed: 500, pauseTime: 7000, effect: 'sliceDownRight', }); }); </script> <meta name="keywords" content="Hacked By XBaha Hacker" /> <meta name="description" content="Hacked By XBaha Hacker" /> <title>Hacked By XBaha Hacker</title> </head> <body> <div id="jcr-top"> <div id="jcr-top-interno"> <h1> <a href="index.php"><strong>Hacked By XBaha Hacker</strong></a> </h1> <div id="jcr-rede-social"> <a href="https://www.facebook.com/pages/JCR-Persianas-P%C3%A1gina-Oficial/2747851 ...[10800 bytes skipped]... | ||
http://jcrpersianas.com.br/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://jcrpersianas.com.br/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 11550 Content-Type: application/javascript | clean |
http://jcrpersianas.com.br/index.php | 200 OK Content-Length: 9411 Content-Type: text/html | clean |
http://jcrpersianas.com.br/empresa.php | 200 OK Content-Length: 5385 Content-Type: text/html | clean |
http://jcrpersianas.com.br/js/jquery.maskedinput.min.js | 200 OK Content-Length: 3343 Content-Type: application/javascript | clean |
http://jcrpersianas.com.br/js/jquery.validate-1.8.1.js | 200 OK Content-Length: 38276 Content-Type: application/javascript | clean |
http://jcrpersianas.com.br/linha_produtos.php?idtipo=2 | 200 OK Content-Length: 5311 Content-Type: text/html | clean |
http://jcrpersianas.com.br/linha_produtos.php?idtipo=4 | 200 OK Content-Length: 5813 Content-Type: text/html | clean |
http://jcrpersianas.com.br/linha_produtos.php?idtipo=8 | 200 OK Content-Length: 5567 Content-Type: text/html | clean |
http://jcrpersianas.com.br/linha_produtos.php?idtipo=9 | 200 OK Content-Length: 5658 Content-Type: text/html | clean |
http://jcrpersianas.com.br/portfolio.php | 200 OK Content-Length: 5856 Content-Type: text/html | clean |
http://jcrpersianas.com.br/novidades.php | 200 OK Content-Length: 6965 Content-Type: text/html | clean |
http://jcrpersianas.com.br/orcamento.php | 200 OK Content-Length: 5008 Content-Type: text/html | clean |
http://jcrpersianas.com.br/contato.php | 200 OK Content-Length: 7123 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jcrpersianas.com.br
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Connection: close
Date: Fri, 27 Nov 2015 01:23:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Sun, 27 Dec 2015 01:23:30 GMT
X-Powered-By: PHP/5.5.27
GET / HTTP/1.1
Host: jcrpersianas.com.br
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Connection: close
Date: Fri, 27 Nov 2015 01:23:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Sun, 27 Dec 2015 01:23:30 GMT
X-Powered-By: PHP/5.5.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: jcrpersianas.com.br
Referer: http://www.google.com/search?q=jcrpersianas.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jcrpersianas.com.br
Referer: http://www.google.com/search?q=jcrpersianas.com.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jcrpersianas.com.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jcrpersianas.com.br/
Result: jcrpersianas.com.br is not infected or malware details are not published yet.
Result: jcrpersianas.com.br is not infected or malware details are not published yet.