Scanned pages/files
Request | Server response | Status |
http://medgourmet.com/ | 200 OK Content-Length: 20720 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By: ...[14714 bytes skipped]... \"\";}}} setInterval(flicker,100);}</script> <div class=\"xxx\"><div style=\"background:black url(http://1.bp.blogspot.com/-oXAQc-BXZh0/UqcoBwUCzaI/AAAAAAAAAI8/4dlhHJ8G0WQ/s1600/port_listener.gif)\" class=\"xxx\"> <p></p><h2><span class=\"style1\"><center><font size=\"9\" color=\"#000\"><font size=\"25\" color=\"#000\">«à¹à®ã</font> Hacked By:</font><font color=\"#FF0000\"><span class=\"neon\"> <font color=\"#FFFFFF\">4Ri3 60ndr0n9</font></span></font> <font size=\"25\" face=\"\" color=\"#000\">ãà®à¹Â»</font></center></span></h2><font size=\"9\" color=\"#FFF\"></font></div></div><br/> <center><font size=\"9\" color=\"#FFF\"><style type=\"text/css\">#image{}</ ...[8687 bytes skipped]... | ||
http://medgourmet.com/\"http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js\" | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
http://medgourmet.com/test404page.js | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
http://medgourmet.com/\"http://jqueryrotate.googlecode.com/svn/trunk/jQueryRotate.js\" | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
http://medgourmet.com/\"http://www.p0wersurge.com/js/jquery-css-transform.js\" | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
http://medgourmet.com/\"http://www.p0wersurge.com/js/rotate3Di.js\" | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
http://medgourmet.com/\"http://www.widgeo.net/effets/effets.php?id=1&adult=0&cat=informatique&msg=Security | 404 Not Found Content-Length: 491 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: medgourmet.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 01 May 2014 02:12:06 GMT
Accept-Ranges: bytes
ETag: "3bed115-50f0-4f78034e98b70"
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/10.10
Content-Length: 20720
Content-Type: text/html
Last-Modified: Sun, 20 Apr 2014 21:38:42 GMT
...20720 bytes of data.
GET / HTTP/1.1
Host: medgourmet.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 01 May 2014 02:12:06 GMT
Accept-Ranges: bytes
ETag: "3bed115-50f0-4f78034e98b70"
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/10.10
Content-Length: 20720
Content-Type: text/html
Last-Modified: Sun, 20 Apr 2014 21:38:42 GMT
...20720 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: medgourmet.com
Referer: http://www.google.com/search?q=medgourmet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: medgourmet.com
Referer: http://www.google.com/search?q=medgourmet.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=medgourmet.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://medgourmet.com/
Result: medgourmet.com is not infected or malware details are not published yet.
Result: medgourmet.com is not infected or malware details are not published yet.