Scanned pages/files
Request | Server response | Status |
http://www.xenopharmacist.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 03 Sep 2014 20:06:18 GMT Location: http://www.xenopharmacist.com.np Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.25 | clean |
http://www.xenopharmacist.com.np/ | 200 OK Content-Length: 19086 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Hyp3r-D4rk , Hacked by Hyp3r-D4rk , ...[6922 bytes skipped]... iv> </div> </td> <td valign="top" width="*%"> <div id="content"> <div class="comments"> <div class="heading"><h2>Home</h2></div> <div class="odd" style="padding:5px;"> <html><head> <title>Stamped By Hyp3r-D4rk | Nigerian Cyber Hunters </title> <meta name="keywords" content="Hacked by Hyp3r-D4rk , Hacked by Hyp3r-D4rk , Nigerian Cyber Hunters , Hyp3r-D4rk"> </head><body bgcolor="black"><center> <font color="#FF3300" face="Tahoma" size="7">[!] Struck by Hyp3r-D4rk | Nigerian Cyber Hunters<br>Â </ font><p> <font color="#FF3300"><font size="6">Your </font></font><font size="6"><font color="#FFFFFF">bOx</ font> <font color="#FF3300"> STAMPED</ font>< ...[16125 bytes skipped]... | ||
http://www.xenopharmacist.com.np/themes/rounded/niftycube.js | 200 OK Content-Length: 8909 Content-Type: application/javascript | clean |
http://www.xenopharmacist.com/themes/rounded/layout.js | 404 Not Found Content-Length: 222 Content-Type: text/html | clean |
http://www.xenopharmacist.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xenopharmacist.com
Result:
GET / HTTP/1.1
Host: xenopharmacist.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: xenopharmacist.com
Referer: http://www.google.com/search?q=xenopharmacist.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xenopharmacist.com
Referer: http://www.google.com/search?q=xenopharmacist.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xenopharmacist.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xenopharmacist.com/
Result: xenopharmacist.com is not infected or malware details are not published yet.
Result: xenopharmacist.com is not infected or malware details are not published yet.