Scanned pages/files
Request | Server response | Status |
http://jumboleathers.com/ | 200 OK Content-Length: 27639 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Malw4r3 ...[961 bytes skipped]... $('#nav_up,#nav_down').stop().animate({'opacity':'1'}); }); $('#nav_down').click( function (e) { $('html, body').animate({scrollTop: $elem.height()}, 800); } ); $('#nav_up').click( function (e) { $('html, body').animate({scrollTop: '0px'}, 800); } ); }); </script> <title>Hacked By Malw4r3</title> <meta http-equiv="keywords" content="Hacked By Malw4r3" /> <meta http-equiv="description" content="Hacked By Malw4r3" /> <link href='http://fonts.googleapis.com/css?family=Carrois+Gothic' rel='stylesheet' type='text/css'> <script type="text/javascript" src="js/jquery.cycle.all.js"></script> <script type="text/javascript" language="javascript" src="js/jquery.carouFredSel-5.5.0-packed.js"></script>< ...[31953 bytes skipped]... | ||
http://jumboleathers.com/js/jquery.min.js | 200 OK Content-Length: 94019 Content-Type: application/javascript | clean |
http://jumboleathers.com/scroll-startstop.events.jquery.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/javascript | clean |
http://jumboleathers.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://jumboleathers.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://jumboleathers.com/js/jquery.cycle.all.js | 200 OK Content-Length: 52444 Content-Type: application/javascript | clean |
http://jumboleathers.com/js/jquery.carouFredSel-5.5.0-packed.js | 200 OK Content-Length: 32332 Content-Type: application/javascript | clean |
http://jumboleathers.com/js/usmani.js | 200 OK Content-Length: 4159 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jumboleathers.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 07 Dec 2015 12:47:36 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=39827c87a8d524f27f47720adc84b5de; path=/
X-UA-Compatible: IEEmulate=IE8
GET / HTTP/1.1
Host: jumboleathers.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 07 Dec 2015 12:47:36 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=39827c87a8d524f27f47720adc84b5de; path=/
X-UA-Compatible: IEEmulate=IE8
Second query (visit from search engine):
GET / HTTP/1.1
Host: jumboleathers.com
Referer: http://www.google.com/search?q=jumboleathers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jumboleathers.com
Referer: http://www.google.com/search?q=jumboleathers.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jumboleathers.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://jumboleathers.com/
Result: jumboleathers.com is not infected or malware details are not published yet.
Result: jumboleathers.com is not infected or malware details are not published yet.