Scanned pages/files
| Request | Server response | Status |
http://moradabadyellowpages.com/ | 200 OK Content-Length: 52037 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY VIRUSHACKER <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title> Moradabad, Moradabad Yellow Pages</title> <META NAME="DESCRIPTION" CONTENT="HACKED BY VIRUSHACKER"> <META NAME="KEYWORDS" CONTENT="moradabad , moradabad yellow pages"> <meta http-equiv="pragma" content="no-cache" /> <meta name="revisit-after" content="1" /> <meta name="description" content=""/> <meta name="robots" content="all" /> <meta name="distribution" content="Global" /> <meta name="rating" content="General" /> <meta name="copyright" conten ...[64684 bytes skipped]... | ||
http://moradabadyellowpages.com/facebox/jquery.js | 404 Not Found Content-Length: 334 Content-Type: text/html | clean |
http://moradabadyellowpages.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://moradabadyellowpages.com/facebox/facebox.js | 200 OK Content-Length: 9290 Content-Type: application/javascript | clean |
http://moradabadyellowpages.com/scriptaculous/lib/prototype.js | 200 OK Content-Length: 68567 Content-Type: application/javascript | clean |
http://moradabadyellowpages.com/scriptaculous/src/effects.js | 200 OK Content-Length: 38597 Content-Type: application/javascript | clean |
http://moradabadyellowpages.com/fabtabulous.js | 200 OK Content-Length: 1468 Content-Type: application/javascript | clean |
http://moradabadyellowpages.com/validation.js | 200 OK Content-Length: 10449 Content-Type: application/javascript | clean |
http://moradabadyellowpages.com/fckeditor/fckeditor.js | 200 OK Content-Length: 9194 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 27376 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moradabadyellowpages.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 19 Dec 2015 12:04:31 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 52037
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0937e76c2753da4deab4b97b30870826; path=/
X-Powered-By: PHP/5.5.29
...52037 bytes of data.
GET / HTTP/1.1
Host: moradabadyellowpages.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 19 Dec 2015 12:04:31 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 52037
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=0937e76c2753da4deab4b97b30870826; path=/
X-Powered-By: PHP/5.5.29
...52037 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: moradabadyellowpages.com
Referer: http://www.google.com/search?q=moradabadyellowpages.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: moradabadyellowpages.com
Referer: http://www.google.com/search?q=moradabadyellowpages.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moradabadyellowpages.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moradabadyellowpages.com/
Result: moradabadyellowpages.com is not infected or malware details are not published yet.
Result: moradabadyellowpages.com is not infected or malware details are not published yet.