Scanned pages/files
| Request | Server response | Status |
http://poweres.com/ | 200 OK Content-Length: 73123 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !-- Hacked By Phenomene Dz -- ...[27081 bytes skipped]... <div class="items-row cols-1 row-0 row-fluid"> <div class="span12"> <div class="item column-1"> <!-- Icons --> <!-- Intro image --> <!-- title/author --> <!-- info TOP --> <!-- Introtext --> <div class="item_introtext"><S-cript Language='Javascript'> <!-- Hacked By Phenomene Dz --> <!-- fb.com/J1jeI document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%4A%61%76%61%53%63%72%69%70%74%3E%6D%3D%27%25%33%43%68%65%61%64%25%33%45%25%30%41%25%33%43%74%69%74%6C%65%25%33%45%48%61%63%6B%65%64%25%32%30%42%79%25%32%30%50%68%65%6E%6F%6D%65%6E%65%25%32%30%44%7A%25%33%43%2F%74%69%74%6C%65%25%33%45%25%30%41%25%33%43%6C%69%6E%6B%25%32%30%52%45%4C%25%33%44%25%32%32%53%48%4F%52%54%43%55%54%25%32%30%49%43%4F%4E%25%32%32%25%32 ...[51295 bytes skipped]... | ||
http://poweres.com/media/jui/js/jquery.min.js | 200 OK Content-Length: 95930 Content-Type: application/javascript | clean |
http://poweres.com/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 21 Content-Type: application/javascript | clean |
http://poweres.com/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: application/javascript | clean |
http://poweres.com/media/system/js/caption.js | 200 OK Content-Length: 491 Content-Type: application/javascript | clean |
http://poweres.com/media/system/js/mootools-core.js | 200 OK Content-Length: 83893 Content-Type: application/javascript | clean |
http://poweres.com/media/system/js/core.js | 200 OK Content-Length: 5454 Content-Type: application/javascript | clean |
http://poweres.com/media/system/js/mootools-more.js | 200 OK Content-Length: 236825 Content-Type: application/javascript | clean |
http://poweres.com/cache/widgetkit/widgetkit-b7e0c1c6.js | 200 OK Content-Length: 20858 Content-Type: application/javascript | clean |
http://poweres.com/components/com_rsform/assets/js/script.js | 200 OK Content-Length: 12081 Content-Type: application/javascript | clean |
http://poweres.com/templates/theme1654/js/jquery.mobile.customized.min.js | 200 OK Content-Length: 17537 Content-Type: application/javascript | clean |
http://poweres.com/templates/theme1654/js/jquery.easing.1.3.js | 200 OK Content-Length: 8301 Content-Type: application/javascript | clean |
http://poweres.com/media/jui/js/bootstrap.js | 200 OK Content-Length: 63523 Content-Type: application/javascript | clean |
http://poweres.com/templates/theme1654/js/jquery.isotope.min.js | 200 OK Content-Length: 15886 Content-Type: application/javascript | clean |
http://poweres.com/templates/theme1654/js/touch.gallery.js | 200 OK Content-Length: 5233 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: poweres.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 13 Sep 2015 16:52:19 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 198
Server: nginx
Vary: Accept-Encoding
Content-Length: 73123
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 13 Sep 2015 16:49:01 GMT
Ngpass_vcall: 1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vacache: HIT
...73123 bytes of data.
GET / HTTP/1.1
Host: poweres.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 13 Sep 2015 16:52:19 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 198
Server: nginx
Vary: Accept-Encoding
Content-Length: 73123
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 13 Sep 2015 16:49:01 GMT
Ngpass_vcall: 1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vacache: HIT
...73123 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: poweres.com
Referer: http://www.google.com/search?q=poweres.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: poweres.com
Referer: http://www.google.com/search?q=poweres.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=poweres.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://poweres.com/
Result: poweres.com is not infected or malware details are not published yet.
Result: poweres.com is not infected or malware details are not published yet.