Scanned pages/files
Request | Server response | Status |
http://jemcq.org/ | 200 OK Content-Length: 104374 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By Tuncay117 +ADw-/title+AD4 ...[1309 bytes skipped]... el+AD0AIg-Shortcut Icon+ACI href+AD0AIg-http://i.hizliresim.com/eoLDm9.png+ACI type+AD0AIg-image/x-icon+ACIAPg +ADw-meta charset+AD0′utf-8′+AD4APA-/meta+AD4APA-html lang+AD0AIg-tr+ACIAPg +ADw-head+AD4 +ADw-meta http-equiv+AD0AIg-Content-Type+ACI content+AD0AIg-text/html+ADs charset+AD0-utf-8+ACIAPg +ADw-meta charset+AD0AIg-utf-8+ACIAPg +ADw-title+AD4-Hacked By Tuncay117 +ADw-/title+AD4 +ADw-script type+AD0AIg-text/javascript+ACI src+AD0AIg-https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js+ACIAPgA8-/script+AD4 +ADw-link rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACI href+AD0AIg-fiddle.jshell.net/jonnyc/Ujz4P/3/show/css/normalize.css+ACIAPg +ADw-link rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACI href+AD0AIg-fiddle.jshell.net/jonnyc/Ujz4P/3/show/css/result-light.css+ACIAPg +ADw-style ...[113301 bytes skipped]... | ||
http://jemcq.org/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://jemcq.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/plugins/sidebar-login/assets/js/blockui.min.js?ver=2.57 | 200 OK Content-Length: 9125 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/plugins/sidebar-login/assets/js/sidebar-login.min.js?ver=2.6.0 | 200 OK Content-Length: 1306 Content-Type: application/javascript | clean |
http://jemcq.org/wp-includes/js/swfobject.js?ver=2.2-20120417 | 200 OK Content-Length: 10231 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.44.0-2013.09.15 | 200 OK Content-Length: 14701 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.3 | 200 OK Content-Length: 8326 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jquery.easing.1.3.js?ver=1.3 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jquery.transit.min.js?ver=0.9.9 | 200 OK Content-Length: 7507 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jquery.mousewheel.min.js?ver=3.0.6 | 200 OK Content-Length: 1392 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/modernizr.custom.js?ver=2.6.2 | 200 OK Content-Length: 9171 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jQuery.browser.mobile.js?ver=1.0.2 | 200 OK Content-Length: 2209 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jquery.touchSwipe-1.2.5.js?ver=1.5 | 200 OK Content-Length: 16207 Content-Type: application/javascript | clean |
http://jemcq.org/wp-content/themes/reborn/js/jquery.prettyPhoto.js?ver=3.1.5 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jemcq.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 18 Oct 2014 06:44:29 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-7
X-Pingback: http://jemcq.org/xmlrpc.php
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: jemcq.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 18 Oct 2014 06:44:29 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-7
X-Pingback: http://jemcq.org/xmlrpc.php
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: jemcq.org
Referer: http://www.google.com/search?q=jemcq.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jemcq.org
Referer: http://www.google.com/search?q=jemcq.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jemcq.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jemcq.org/
Result: jemcq.org is not infected or malware details are not published yet.
Result: jemcq.org is not infected or malware details are not published yet.