Scanned pages/files
Request | Server response | Status |
http://www.medico-jobs.bg/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 13 Jul 2015 04:10:28 GMT Pragma: no-cache Location: http://medico-jobs.bg/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=tb88utfhkou1pgmkgqlho73mc3; path=/ X-Powered-By: PHP/5.3.29 | clean |
http://medico-jobs.bg/ | 200 OK Content-Length: 51117 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by AlfabetoVirtual ...[6867 bytes skipped]... itle"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = 'Hacked by AlfabetoVirtual';</script><style>body {font-family: Lucida Console, cursive, sans-serif;background-color: #000000;color:white; text-shadow:0 0 100px black;font-size:20px;}</style><center><br /><br /><br /><br /><br /><br /><h1>Hacked by AlfabetoVirtual</h1><h2 style='color: white'>Hackeado por AlfabetoVirtual</h2>#BrazilUnderground #CadeiaNoPt #KissMyAssDilma Sozinho e sempre, mimizinho de grupinho to ...[52375 bytes skipped]... | ||
http://medico-jobs.bg/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/smooth-page-scroll-to-top/files/smooth_scroll.js | 200 OK Content-Length: 745 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 12113 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/themes/EMC/js/functions.js?ver=2013-07-18 | 200 OK Content-Length: 2037 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/wordpress-popup/js/public.min.js?ver=4.0.1 | 200 OK Content-Length: 8424 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0 | 200 OK Content-Length: 14720 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/ninja-forms//js/min/ninja-forms-display.min.js?ver=4.0.1 | 200 OK Content-Length: 19609 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=2.2.2 | 200 OK Content-Length: 12201 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/visual-form-builder/js/jquery.validate.min.js?ver=1.9.0 | 200 OK Content-Length: 21601 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 35806 Content-Type: application/javascript | clean |
http://medico-jobs.bg/wp-content/plugins/visual-form-builder/js/vfb-validation.min.js?ver=4.0.1 | 200 OK Content-Length: 957 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: medico-jobs.bg
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 13 Jul 2015 04:10:29 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=uao53nqt59aijjmuv6hbob2737; path=/
X-Powered-By: PHP/5.3.29
GET / HTTP/1.1
Host: medico-jobs.bg
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 13 Jul 2015 04:10:29 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=uao53nqt59aijjmuv6hbob2737; path=/
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: medico-jobs.bg
Referer: http://www.google.com/search?q=medico-jobs.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: medico-jobs.bg
Referer: http://www.google.com/search?q=medico-jobs.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=medico-jobs.bg
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://medico-jobs.bg/
Result: medico-jobs.bg is not infected or malware details are not published yet.
Result: medico-jobs.bg is not infected or malware details are not published yet.