Scanned pages/files
Request | Server response | Status |
http://khaitrico.com/ | 200 OK Content-Length: 27216 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HackeD by Newo ...[2732 bytes skipped]... <header> <div id="logo"><a href=""><img src="images/logo.png" alt=""></a></div> <div class="header_nd"> <center style="font-family: Arial, Helvetica, sans-serif; font-size: 12px; line-height: normal; background-color: rgb(255, 255, 255);"><font color="#0000e0">HackeD by Newo</font></center><h3 style="margin: 0px; padding-bottom: 0px; font-size: 12px; color: rgb(0, 0, 0); font-family: Arial, Helvetica, sans-serif; line-height: normal; background-color: rgb(255, 255, 255);"> </h3><center style="font-family: Arial, Helvetica, sans-serif; font-size: 12px; line-height: normal; background-color: rgb(255, 255, 255);"><font color="red"><b>Special Thanks </b></font><b><font ...[30163 bytes skipped]... | ||
http://khaitrico.com/js/jquery-1.6.js | 200 OK Content-Length: 91358 Content-Type: application/x-javascript | clean |
http://khaitrico.com/js/Forum_400.font.js | HTTP/1.1 301 Moved Permanently Date: Sun, 01 Mar 2015 03:59:01 GMT Location: http://khaitrico.com/js.html Server: Microsoft-IIS/7.0 Content-Length: 151 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET | clean |
http://khaitrico.com/js.html | HTTP/1.1 302 Found Cache-Control: private Date: Sun, 01 Mar 2015 03:59:02 GMT Location: /404.html Server: Microsoft-IIS/7.0 Content-Length: 128 Content-Type: text/html; charset=utf-8 Set-Cookie: ASP.NET_SessionId=azkzlurbo00nkh45a1rzoxvz; path=/; HttpOnly X-AspNet-Version: 2.0.50727 X-Powered-By: ASP.NET | clean |
http://khaitrico.com/404.html | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://khaitrico.com/test404page.js | 404 Not Found Content-Length: 1052 Content-Type: text/html | clean |
http://khaitrico.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8301 Content-Type: application/x-javascript | clean |
http://khaitrico.com/js/tms-0.3.js | 200 OK Content-Length: 8715 Content-Type: application/x-javascript | clean |
http://khaitrico.com/js/tms_presets.js | 200 OK Content-Length: 19135 Content-Type: application/x-javascript | clean |
http://khaitrico.com/js/script.js | 200 OK Content-Length: 472 Content-Type: application/x-javascript | clean |
http://khaitrico.com/js/atooltip.jquery.js | 200 OK Content-Length: 3716 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: khaitrico.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 01 Mar 2015 03:58:54 GMT
Server: Microsoft-IIS/7.0
Content-Length: 38794
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=y335r4vkbuwm13mxyrhr2o3p; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Died: timeout at scan.pm line 1566.
X-Powered-By: ASP.NET
...38794 bytes of data.
GET / HTTP/1.1
Host: khaitrico.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Sun, 01 Mar 2015 03:58:54 GMT
Server: Microsoft-IIS/7.0
Content-Length: 38794
Content-Type: text/html; charset=utf-8
Set-Cookie: ASP.NET_SessionId=y335r4vkbuwm13mxyrhr2o3p; path=/; HttpOnly
X-AspNet-Version: 2.0.50727
X-Died: timeout at scan.pm line 1566.
X-Powered-By: ASP.NET
...38794 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: khaitrico.com
Referer: http://www.google.com/search?q=khaitrico.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: khaitrico.com
Referer: http://www.google.com/search?q=khaitrico.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=khaitrico.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://khaitrico.com/
Result: khaitrico.com is not infected or malware details are not published yet.
Result: khaitrico.com is not infected or malware details are not published yet.