Scanned pages/files
Request | Server response | Status |
http://socketsupplier.com/ | 200 OK Content-Length: 9753 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY ...[4351 bytes skipped]... ---> <div id="container"> <div id="main" role="main"> <div id="bazingaContent"> <div id="bazingaContentInner"> <div class="bazingaThinColumn"> <h1> HACKED!</h1> <div class="bazingaDivider"></div> <p><span>HACKED BY </span><span><a href="#" target="_blank"> SIDHEL CHOR </a> !</span><strong> M_L_HACKING GROUP </strong>BANGLADESH</span></p> <br> <br> <p><span><strong>GREETZ</strong><a href="www.facebook.com/groups/Murkho.Lyly/"><marquee>|| MURKHO MANOB || HACKER LYLY || Haxor Injector || BD Leet || Vodro Chele || AND ...[6874 bytes skipped]... | ||
http://erin-erina.meximas.com/js/libs/modernizr-2.0.6.min.js | 200 OK Content-Length: 16226 Content-Type: application/javascript | clean |
http://i.kuryjs.info/kury/javascript.js?appTitle=Smartbar&channel=src2_pr&hid=3e05eee2-d832-47b7-b607-7a163fbc72ed | 200 OK Content-Length: 6871 Content-Type: application/x-javascript | clean |
http://www.superfish.com/ws/sf_main.jsp?dlsource=fowpwbb&userId=16AF47B9-805A-4B2C-8D0&CTID=src2_pr&partnername=Smartbar | 200 OK Content-Length: 10586 Content-Type: text/html | clean |
http://www.superfish.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 07:17:27 GMT Pragma: no-cache Location: http://wwws.superfish.com/test404page.js Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-Cache-Status: MISS CF-RAY: 15dd4a6cf3aa0295-SJC ClientCountry: LT Set-Cookie: __cfduid=d9eaeb027381e134bac2106fa4a8e02701408691847190; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/test404page.js | 404 Not Found Content-Length: 27417 Content-Type: text/html | clean |
http://wwws.superfish.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93661 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.cycle.all.min.js?ver=3.5.1 | 200 OK Content-Length: 31614 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.flexslider.js?ver=1.0 | 200 OK Content-Length: 41062 Content-Type: application/x-javascript | clean |
http://www.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 07:17:31 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 15dd4a8642e3012d-SJC ClientCountry: LT Set-Cookie: __cfduid=defa6bd04a4c3f1f3a2ace9ff690bbafe1408691851240; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ | 404 Not Found Content-Length: 27447 Content-Type: text/html | clean |
http://wwws.superfish.com//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 22 Aug 2014 07:17:32 GMT Pragma: no-cache Location: http://wwws.superfish.com/www.googleadservices.com/pagead/conversion.js/ Server: cloudflare-nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 15dd4a8ddea30f51-FRA Set-Cookie: __cfduid=d99480105494dee0edd0d0144133a7e651408691852451; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.superfish.com; HttpOnly X-Pingback: http://wwws.superfish.com/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://wwws.superfish.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.36.0-2013.06.16 | 200 OK Content-Length: 14510 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.4.2 | 200 OK Content-Length: 7354 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.sticky.js?ver=1.0 | 200 OK Content-Length: 4627 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.smooth-scroll.js?ver=1.0 | 200 OK Content-Length: 1434 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/contact-form.js?ver=1.0 | 200 OK Content-Length: 1385 Content-Type: application/x-javascript | clean |
http://wwws.superfish.com/wp-content/themes/SCRN/js/jquery.easing.1.3.js?ver=1.0 | 200 OK Content-Length: 8301 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: socketsupplier.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 22 Aug 2014 07:17:21 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.4.23
GET / HTTP/1.1
Host: socketsupplier.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 22 Aug 2014 07:17:21 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.4.23
Second query (visit from search engine):
GET / HTTP/1.1
Host: socketsupplier.com
Referer: http://www.google.com/search?q=socketsupplier.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: socketsupplier.com
Referer: http://www.google.com/search?q=socketsupplier.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=socketsupplier.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://socketsupplier.com/
Result: socketsupplier.com is not infected or malware details are not published yet.
Result: socketsupplier.com is not infected or malware details are not published yet.