Scanned pages/files
Request | Server response | Status |
http://bestcanadiandrugs.com/ | 200 OK Content-Length: 631 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/500.shtml | 200 OK Content-Length: 94 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/test404page.js | 404 Not Found Content-Length: 402 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/cgi-bin/ | 403 Forbidden Content-Length: 400 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/fantastico_fileslist.txt | 200 OK Content-Length: 346 Content-Type: text/plain | clean |
http://bestcanadiandrugs.com/fantversion.php | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/favicon.ico | 200 OK Content-Length: 43 Content-Type: image/vnd.microsoft.icon | clean |
http://bestcanadiandrugs.com/wp-pass.php | 500 Internal Server Error Content-Length: 0 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/wp-register.php | 500 Internal Server Error Content-Length: 0 Content-Type: text/html | clean |
http://bestcanadiandrugs.com/x.htm | 200 OK Content-Length: 928 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ./Hacked by black_raptor <object data="http://flash-mp3-player.net/medias/player_mp3.swf" height="0" type="application/x-shockwave-flash" width="0"> <param value="http://flash-mp3-player.net/medias/player_mp3.swf" name="movie"><param value="#eceef5" name="bgcolor"><param value="mp3=http://areyouhacker.org/Points.Of.Authority.mp3&loop=1&autoplay=1&volume=105" name="FlashVars"></object>
<center> <title>./Hacked by black_raptor</title> <link rel="SHORTCUT ICON" href="http://swararakyat.files.wordpress.com/2007/06/indonesia_flag.gif"> <body bgcolor="black"><h1> <center><font size="8" color="white"> <div align="center"> <img src=http://www.iqr0.com/up/uploads/13129125203.jpg img><br> <font size="8" color="red" face="calibri">Got... Root....Brada.. :)</font>& ...[205 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bestcanadiandrugs.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Jun 2015 11:21:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 631
Content-Type: text/html;charset=ISO-8859-1
...631 bytes of data.
GET / HTTP/1.1
Host: bestcanadiandrugs.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 11 Jun 2015 11:21:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 631
Content-Type: text/html;charset=ISO-8859-1
...631 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bestcanadiandrugs.com
Referer: http://www.google.com/search?q=bestcanadiandrugs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bestcanadiandrugs.com
Referer: http://www.google.com/search?q=bestcanadiandrugs.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bestcanadiandrugs.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bestcanadiandrugs.com/
Result: bestcanadiandrugs.com is not infected or malware details are not published yet.
Result: bestcanadiandrugs.com is not infected or malware details are not published yet.