Scanned pages/files
Request | Server response | Status |
http://wecareimporters.com/ | 200 OK Content-Length: 2539 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By KaSHI HaXor ...[1453 bytes skipped]... ' ondragstart='return false' onselectstart='return false' style='-moz-user-select: none; cursor: default;'><body bgcolor=black><table width=100% height=100%><td align=center><span style='font: 40px tahoma;size:40px;color:red;text-shadow: 0px 0px 50px;'><script type="text/javascript" src="https://dl.dropboxusercontent.com/s/3z5h713ye3sw6gi/KaSHI_HaX0R.js" /></script><strong>Hacked By KaSHI HaXor<br><center><h3><font size=5 color= white>PAKISTANI MUSLIM HACKER PMH</font> </h3></center><center><a target="blank" href="https://www.facebook.com/KaShi.HaXor007"><font color="red" size="5">Contact Me</a></font><footer id="det" style="position:fixed; left:0px; right:0px; bottom:0px; background:rgb(0,0,0); text-align:center; border-top: 1px solid #ff0000; border-bottom: 1px solid #ff0000"><fo ...[447 bytes skipped]... | ||
https://dl.dropboxusercontent.com/s/3z5h713ye3sw6gi/KaSHI_HaX0R.js | 200 OK Content-Length: 15988 Content-Type: application/javascript | clean |
http://wecareimporters.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wecareimporters.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 15 Jul 2015 05:59:05 GMT
Accept-Ranges: bytes
ETag: "14671073-9eb-51822ca355200"
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Length: 2539
Content-Type: text/html
Last-Modified: Wed, 10 Jun 2015 05:03:04 GMT
...2539 bytes of data.
GET / HTTP/1.1
Host: wecareimporters.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 15 Jul 2015 05:59:05 GMT
Accept-Ranges: bytes
ETag: "14671073-9eb-51822ca355200"
Server: Apache Phusion_Passenger/4.0.10 mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Length: 2539
Content-Type: text/html
Last-Modified: Wed, 10 Jun 2015 05:03:04 GMT
...2539 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wecareimporters.com
Referer: http://www.google.com/search?q=wecareimporters.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wecareimporters.com
Referer: http://www.google.com/search?q=wecareimporters.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wecareimporters.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wecareimporters.com/
Result: wecareimporters.com is not infected or malware details are not published yet.
Result: wecareimporters.com is not infected or malware details are not published yet.