Scanned pages/files
Request | Server response | Status |
http://theaffiliatehelpdesk.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:17:32 GMT Location: http://helpdesk.theaffiliatehelpdesk.com/home/1/MyLSNClub.html Server: Apache Content-Type: text/html X-Pad: avoid browser bug X-Powered-By: PHP/5.3.28 | clean |
http://helpdesk.theaffiliatehelpdesk.com/home/1/mylsnclub.html | 200 OK Content-Length: 15334 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: haCked by Angel7 ...[1003 bytes skipped]... r/> <td bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td valign="top" class="header_bg" ><a href="http://helpdesk.theaffiliatehelpdesk.com/" style="text-decoration:none"> <div align="left" class="logo_text">Extreme Crew<br /> <span class="slogan_text">haCked by Angel7</span><br /> </div></a></td> </tr> <tr> <td valign="top"><table width="98%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td height="35" class="pageheading">Welcome to Extreme Crew!</td> </tr> <tr> <td class ...[17190 bytes skipped]... | ||
http://helpdesk.theaffiliatehelpdesk.com/ | 200 OK Content-Length: 5855 Content-Type: text/html | clean |
http://helpdesk.theaffiliatehelpdesk.com/member_login.php | 200 OK Content-Length: 6566 Content-Type: text/html | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/form_validator.js | 200 OK Content-Length: 8849 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/common_function.js | 200 OK Content-Length: 14460 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/index.php | 200 OK Content-Length: 5855 Content-Type: text/html | clean |
http://helpdesk.theaffiliatehelpdesk.com/home/1/MyLSNClub.html | 200 OK Content-Length: 15334 Content-Type: text/html | clean |
http://helpdesk.theaffiliatehelpdesk.com/knowledge/1/MyLSNClub.com.html | 200 OK Content-Length: 11053 Content-Type: text/html | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/checkbox_functions.js | 200 OK Content-Length: 2682 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/calendar/calendar.js | 200 OK Content-Length: 36468 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/calendar/calendar-en.js | 200 OK Content-Length: 1084 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/calendar/calendar-setup.js | 200 OK Content-Length: 5649 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/javascript/nodropin.js | 200 OK Content-Length: 7120 Content-Type: application/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/knowledge/1/ | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 05:17:41 GMT Location: http://www.gogvo.com/404.html Server: Apache Content-Length: 213 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gogvo.com/404.html | HTTP/1.1 200 OK Connection: close Date: Wed, 24 Sep 2014 05:17:41 GMT Accept-Ranges: bytes ETag: "2bd0007-d6-4e9923a08e0c0" Server: Apache Content-Length: 214 Content-Type: text/html; charset=UTF-8 Last-Modified: Fri, 25 Oct 2013 15:15:55 GMT | clean |
http://www.joeltherien.com/go/pureleverage | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 24 Sep 2014 05:17:47 GMT Location: http://etison.backpackcrm.com/go/351?affiliate_id=428822&aff_sub=&aff_sub2=&url_id=101 Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.2.13 | clean |
http://etison.backpackcrm.com/go/351?affiliate_id=428822&aff_sub=&aff_sub2=&url_id=101 | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 24 Sep 2014 05:17:42 GMT Location: https://etison.backpackcrm.com/go/351?affiliate_id=428822&aff_sub=&aff_sub2=&url_id=101 Server: cloudflare-nginx Content-Type: text/html Expires: Thu, 01 Jan 1970 00:00:01 GMT CF-RAY: 16ec8464402c08b1-FRA Set-Cookie: __cfduid=de608b78d6a18acdaf320c8da0ffe89cf1411535862449; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.backpackcrm.com; HttpOnly | clean |
https://etison.backpackcrm.com/go/351?affiliate_id=428822&aff_sub=&aff_sub2=&url_id=101 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 24 Sep 2014 05:17:43 GMT Via: 1.1 vegur Location: https://www.clickfunnels.com?affiliate_id=428822&aff_sub=&aff_sub2= Server: cloudflare-nginx Content-Type: text/html; charset=utf-8 CF-RAY: 16ec8467bb5908b1-FRA Set-Cookie: __cfduid=daf4003dd19c029a164cc875d1577343c1411535862998; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.backpackcrm.com; HttpOnly Status: 302 Found X-Rack-Cache: miss X-Request-Id: 428b8478-1e8a-44b9-85c1-33c61544856a X-Runtime: 0.019284 X-Ua-Compatible: IE=Edge | clean |
https://www.clickfunnels.com?affiliate_id=428822&aff_sub=&aff_sub2=/ | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Wed, 24 Sep 2014 05:17:44 GMT Via: 1.1 vegur Location: https://successetc.clickfunnels.com/optin224311?affiliate_id=428822&aff_sub=&aff_sub2=/ Server: cloudflare-nginx Content-Type: text/html; charset=utf-8 Access-Control-Allow-Origin: * Access-Control-Request-Method: * CF-RAY: 16ec846d5d460f93-FRA Set-Cookie: __cfduid=d97c30dac33a459b792c5e8f2207c256b1411535863896; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.clickfunnels.com; HttpOnly Set-Cookie: request_method=GET; path=/ Set-Cookie: _etison_sessions_dcs24=0c368a5bb8b842073719a4404789587a; domain=.clickfunnels.com; path=/; HttpOnly X-Frame-Options: ALLOWALL X-Request-Id: 34b7c3de-e276-4511-9e9f-7c00d5130703 X-Runtime: 0.028835 | clean |
http://successetc.clickfunnels.com/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Connection: close Date: Wed, 24 Sep 2014 05:17:44 GMT Via: 1.1 vegur Location: https://successetc.clickfunnels.com/test404page.js Server: cloudflare-nginx Content-Type: text/html CF-Cache-Status: MISS CF-RAY: 16ec8470d5f90f93-FRA Set-Cookie: __cfduid=d63eb50a9a3515e05e7b2cba04f26cfcd1411535864458; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.clickfunnels.com; HttpOnly X-Request-Id: c7a2cfff-500c-4fb7-9c4e-0cac28909769 X-Runtime: 0.051557 | clean |
https://successetc.clickfunnels.com/test404page.js | 200 OK Content-Length: 140 Content-Type: text/javascript | clean |
http://helpdesk.theaffiliatehelpdesk.com/view_knwbases.php?&s_question=&s_answer=&s_counter=&prod_id=1&s_dept=&sort=1 | 200 OK Content-Length: 11053 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theaffiliatehelpdesk.com
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Wed, 24 Sep 2014 05:17:32 GMT
Location: http://helpdesk.theaffiliatehelpdesk.com/home/1/MyLSNClub.html
Server: Apache
Content-Type: text/html
X-Pad: avoid browser bug
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: theaffiliatehelpdesk.com
Referer: http://www.google.com/search?q=theaffiliatehelpdesk.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theaffiliatehelpdesk.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theaffiliatehelpdesk.com/
Result: theaffiliatehelpdesk.com is not infected or malware details are not published yet.