Scanned pages/files
Request | Server response | Status |
http://tak-forosh.in/ | 200 OK Content-Length: 15647 Content-Type: text/html | clean |
http://tak-forosh.in/./css/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://tak-forosh.in/statics/js/jquery.dd.js | 200 OK Content-Length: 13774 Content-Type: application/javascript | clean |
http://tak-forosh.in/statics/js/jquery.showMessage.js | 200 OK Content-Length: 2255 Content-Type: application/javascript | clean |
http://tak-forosh.in/./css/jquery.cycle2.min.js | 200 OK Content-Length: 21660 Content-Type: application/javascript | clean |
http://tak-forosh.in/statics/js/main.js | 200 OK Content-Length: 7089 Content-Type: application/javascript | clean |
http://tak-forosh.in/./index.php | 200 OK Content-Length: 15647 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by MrSaveH <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="rtl" lang="fa-IR"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> <title>Hacked by MrSaveH</title> <link rel="stylesheet" href="./css/style.css" type="text/css" media="screen" /> </script> <link rel='stylesheet' id='cyclone-template-style-standard-css' href='./css/slider.css' type='text/css' media='all' /> <link rel="stylesheet" type="text/css" href="statics/css/dd.css" /> <link rel="stylesheet" type="text/css" href="buttons/buttons.css" /> <script type='t ...[18779 bytes skipped]... | ||
http://tak-forosh.in/././css/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://tak-forosh.in/./statics/js/jquery.dd.js | 200 OK Content-Length: 13774 Content-Type: application/javascript | clean |
http://tak-forosh.in/./statics/js/jquery.showMessage.js | 200 OK Content-Length: 2255 Content-Type: application/javascript | clean |
http://tak-forosh.in/././css/jquery.cycle2.min.js | 200 OK Content-Length: 21660 Content-Type: application/javascript | clean |
http://tak-forosh.in/./statics/js/main.js | 200 OK Content-Length: 7089 Content-Type: application/javascript | clean |
http://tak-forosh.in/././index.php | 200 OK Content-Length: 15647 Content-Type: text/html | clean |
http://tak-forosh.in/./././css/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://tak-forosh.in/././statics/js/jquery.dd.js | 200 OK Content-Length: 13774 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tak-forosh.in
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 20 Dec 2015 18:49:31 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: LiteSpeed
Content-Length: 15647
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6itv50e7b3soakrr42ov22ggi3; path=/
X-Powered-By: PHP/5.3.29
...15647 bytes of data.
GET / HTTP/1.1
Host: tak-forosh.in
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 20 Dec 2015 18:49:31 GMT
Pragma: no-cache
Accept-Ranges: bytes
Server: LiteSpeed
Content-Length: 15647
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=6itv50e7b3soakrr42ov22ggi3; path=/
X-Powered-By: PHP/5.3.29
...15647 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tak-forosh.in
Referer: http://www.google.com/search?q=tak-forosh.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tak-forosh.in
Referer: http://www.google.com/search?q=tak-forosh.in
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tak-forosh.in
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tak-forosh.in/
Result: tak-forosh.in is not infected or malware details are not published yet.
Result: tak-forosh.in is not infected or malware details are not published yet.