Scanned pages/files
Request | Server response | Status |
http://kaldaneh.com/ | 200 OK Content-Length: 12349 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By WouNded ...[3692 bytes skipped]... ; <td><img src='images/box_right_top.gif'></td> <td background='images/box_top_tile.gif' width=100%></td> <td><img src='images/box_left_top.gif'></td> </tr> <tr> <td background='images/box_right_tile.gif'></td> <td bgcolor=white> <div id='maintextpad'><p>Hacked By WouNded</p><p><br><table width=90% align=center><tr><td align=right><span class=newsTitle>Ùر ÙÙت٠ÛÚ© ØºØ°Ø§Û ÙØ°ÛØ° با Ù ØصÙÙات کاÙداÙÙ</span> (<font dir=ltr>1389/7/17</font>)</td></tr><tr><td><p>بازدÛدکÙÙدگا٠Ùب ساÛت شرکت صÙاÛع غذاÛÛ Ù¾Ø¯Ø±Ø¨Ø²Ø±Ú¯ از اÛ٠پس Ù Û ØªÙاÙÙد Ùر ÙÙت٠دستÙر پخت ÛÚ© ØºØ°Ø§Û ÙØ°Û ...[11147 bytes skipped]... | ||
http://kaldaneh.com/js/ajax.js | 200 OK Content-Length: 1879 Content-Type: text/javascript | clean |
http://kaldaneh.com/index.php | 200 OK Content-Length: 12349 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=products | 200 OK Content-Length: 9965 Content-Type: text/html | clean |
http://kaldaneh.com/js/ajaxtabs.js | 200 OK Content-Length: 11699 Content-Type: text/javascript | clean |
http://kaldaneh.com/?pg=resellers | 200 OK Content-Length: 24069 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=news | 200 OK Content-Length: 10241 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=gallery | 200 OK Content-Length: 10545 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=production | 200 OK Content-Length: 12145 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=lab | 200 OK Content-Length: 17253 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=standards | 200 OK Content-Length: 18416 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=calorie | 200 OK Content-Length: 17648 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=order | 200 OK Content-Length: 9571 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=about | 200 OK Content-Length: 10589 Content-Type: text/html | clean |
http://kaldaneh.com/?pg=comment | 200 OK Content-Length: 9427 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kaldaneh.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 30 Mar 2015 04:42:26 GMT
Pragma: no-cache
Server: Apache/2.2.15
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=oimiitsvjfd6o68tmj4dm6il43; path=/
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: kaldaneh.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 30 Mar 2015 04:42:26 GMT
Pragma: no-cache
Server: Apache/2.2.15
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=oimiitsvjfd6o68tmj4dm6il43; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: kaldaneh.com
Referer: http://www.google.com/search?q=kaldaneh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kaldaneh.com
Referer: http://www.google.com/search?q=kaldaneh.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kaldaneh.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kaldaneh.com/
Result: kaldaneh.com is not infected or malware details are not published yet.
Result: kaldaneh.com is not infected or malware details are not published yet.