Scanned pages/files
Request | Server response | Status |
http://7actionsexpress.com/ | 200 OK Content-Length: 1103 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By <body oncontextmenu="return false" onselectstart="return false" ondragstart="return false">
<html> <head> <body bgcolor="#000000"> <title>Hacked By 'Black-Wolf</title> <p align="center"> </head> <body style="color: rgb(255, 255, 255); background-color: rgb(0, 0, 0);" alink="#000099" link="#000099" vlink="#990099"> <br><img border="0" src=http://www.turkhackteam.net/images/thtson.jpg width="630" height="174"><br><br> <center><img src="http://i.hizliresim.com/GYMzG7.png" /></center> < ...[700 bytes skipped]... | ||
http://7actionsexpress.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 12 Jul 2015 01:46:12 GMT Location: http://7actionsexpress.com/?page_id=8 Server: nginx/1.8.0 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: pll_language=en; expires=Mon, 11-Jul-2016 01:46:12 GMT; path=/ X-Pingback: http://7actionsexpress.com/xmlrpc.php | clean |
http://7actionsexpress.com/?page_id=8 | 200 OK Content-Length: 1103 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 7actionsexpress.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Jul 2015 01:46:10 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 1103
Content-Type: text/html
Last-Modified: Wed, 08 Jul 2015 20:06:56 GMT
...1103 bytes of data.
GET / HTTP/1.1
Host: 7actionsexpress.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Jul 2015 01:46:10 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 1103
Content-Type: text/html
Last-Modified: Wed, 08 Jul 2015 20:06:56 GMT
...1103 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 7actionsexpress.com
Referer: http://www.google.com/search?q=7actionsexpress.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 7actionsexpress.com
Referer: http://www.google.com/search?q=7actionsexpress.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=7actionsexpress.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://7actionsexpress.com/
Result: 7actionsexpress.com is not infected or malware details are not published yet.
Result: 7actionsexpress.com is not infected or malware details are not published yet.