Scanned pages/files
Request | Server response | Status |
http://varahichemicals.com/ | 200 OK Content-Length: 8090 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY 1923 TURK GRUP / TURK BEY <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-gb" lang="en-gb" > <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="index, follow" /> <meta name="keywords" content="MetaKeys" /> <meta name="title" content="HACKED BY 1923 TURK GRUP / TURK BEY" /> <meta name="author" content="Administrator" /> <meta name="description" content="MetaDesc" /> <meta name="generator" content="Joomla! 1.5 - Open Source Content Management" /> <title>HACKED BY 1923 TURK GRUP / TURK BEY</title> <link href="/templates/varahichemicals/favicon.ico" rel="shortcut icon" type="image/x-icon" /> <style type="text/css ...[9154 bytes skipped]... | ||
http://varahichemicals.com/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/ja_larix&file[0]=theme.js | 200 OK Content-Length: 3609 Content-Type: text/javascript | clean |
http://varahichemicals.com/index.php?option=com_content&view=article&id=1&Itemid=1 | 200 OK Content-Length: 8090 Content-Type: text/html | clean |
http://varahichemicals.com/index.php?option=com_virtuemart&Itemid=6 | HTTP/1.1 303 See other Connection: close Date: Sat, 07 Jun 2014 06:16:20 GMT Location: http://varahichemicals.com/index.php?option=com_virtuemart&Itemid=6&vmcchk=1&Itemid=6 Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 05611e0d915cfb90a538cd841f97f0d7=2c31ad7b86c83290c2b3b87746f0bbd5; path=/ Set-Cookie: virtuemart=2c31ad7b86c83290c2b3b87746f0bbd5 | clean |
http://varahichemicals.com/index.php?option=com_virtuemart&itemid=6&vmcchk=1&itemid=6 | 200 OK Content-Length: 10632 Content-Type: text/html | clean |
http://varahichemicals.com/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/ja_larix&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js | 200 OK Content-Length: 56323 Content-Type: text/javascript | clean |
http://varahichemicals.com/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/js&file[0]=wz_tooltip.js | 200 OK Content-Length: 38065 Content-Type: text/javascript | clean |
http://varahichemicals.com/index.php?option=com_content&view=article&id=3&Itemid=3 | 200 OK Content-Length: 8772 Content-Type: text/html | clean |
http://varahichemicals.com/index.php?option=com_content&view=article&id=5&Itemid=5 | 200 OK Content-Length: 11698 Content-Type: text/html | clean |
http://varahichemicals.com/index.php?option=com_content&view=article&id=4&Itemid=4 | 200 OK Content-Length: 8855 Content-Type: text/html | clean |
http://varahichemicals.com/index.php?option=com_contact&view=contact&id=1&Itemid=7 | 200 OK Content-Length: 13327 Content-Type: text/html | clean |
http://varahichemicals.com/media/system/js/validate.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
http://varahichemicals.com/index.php?page=shop.browse&category_id=1&option=com_virtuemart&Itemid=6 | HTTP/1.1 303 See other Connection: close Date: Sat, 07 Jun 2014 06:16:28 GMT Location: http://varahichemicals.com/index.php?page=shop.browse&category_id=1&option=com_virtuemart&Itemid=6&vmcchk=1&Itemid=6 Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 05611e0d915cfb90a538cd841f97f0d7=a1f25efdb1d863900d93182bb5285acd; path=/ Set-Cookie: virtuemart=a1f25efdb1d863900d93182bb5285acd | clean |
http://varahichemicals.com/index.php?page=shop.browse&category_id=1&option=com_virtuemart&itemid=6&vmcchk=1&itemid=6 | 200 OK Content-Length: 51735 Content-Type: text/html | clean |
http://varahichemicals.com/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=3&category_id=1&option=com_virtuemart&Itemid=6 | HTTP/1.1 303 See other Connection: close Date: Sat, 07 Jun 2014 06:16:31 GMT Location: http://varahichemicals.com/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=3&category_id=1&option=com_virtuemart&Itemid=6&vmcchk=1&Itemid=6 Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 05611e0d915cfb90a538cd841f97f0d7=85c83aee26b3adf4d6c17668b908c8c1; path=/ Set-Cookie: virtuemart=85c83aee26b3adf4d6c17668b908c8c1 | clean |
http://varahichemicals.com/index.php?page=shop.product_details&flypage=flypage.tpl&product_id=3&category_id=1&option=com_virtuemart&itemid=6&vmcchk=1&itemid=6 | 200 OK Content-Length: 12816 Content-Type: text/html | clean |
http://varahichemicals.com/components/com_virtuemart/fetchscript.php?gzip=0&subdir[0]=/themes/ja_larix&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js&subdir[4]=/js/slimbox/js&file[4]=slimbox.js | 200 OK Content-Length: 60993 Content-Type: text/javascript | clean |
http://varahichemicals.com/index.php?page=shop.product_details&product_id=9&flypage=flypage.tpl&pop=0&option=com_virtuemart&Itemid=6 | HTTP/1.1 303 See other Connection: close Date: Sat, 07 Jun 2014 06:16:34 GMT Location: http://varahichemicals.com/index.php?page=shop.product_details&product_id=9&flypage=flypage.tpl&pop=0&option=com_virtuemart&Itemid=6&vmcchk=1&Itemid=6 Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Set-Cookie: 05611e0d915cfb90a538cd841f97f0d7=f76eb8b0f9f3ce50e49896d7df4e5531; path=/ Set-Cookie: virtuemart=f76eb8b0f9f3ce50e49896d7df4e5531 | clean |
http://varahichemicals.com/index.php?page=shop.product_details&product_id=9&flypage=flypage.tpl&pop=0&option=com_virtuemart&itemid=6&vmcchk=1&itemid=6 | 200 OK Content-Length: 12973 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: varahichemicals.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 07 Jun 2014 06:16:17 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 07 Jun 2014 06:16:17 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 05611e0d915cfb90a538cd841f97f0d7=e688d838a88370ff8ac0efb03ddcde6c; path=/
Set-Cookie: virtuemart=e688d838a88370ff8ac0efb03ddcde6c
Second query (visit from search engine):
GET / HTTP/1.1
Host: varahichemicals.com
Referer: http://www.google.com/search?q=varahichemicals.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=varahichemicals.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://varahichemicals.com/
Result: varahichemicals.com is not infected or malware details are not published yet.