Scanned pages/files
Request | Server response | Status |
http://drugsearth.com/ | 200 OK Content-Length: 346 Content-Type: text/html | clean |
http://drugsearth.com/cgi-bin/ | 403 Forbidden Content-Length: 393 Content-Type: text/html | clean |
http://drugsearth.com/test404page.js | 404 Not Found Content-Length: 395 Content-Type: text/html | clean |
http://drugsearth.com/favicon.ico | 200 OK Content-Length: 43 Content-Type: image/vnd.microsoft.icon | clean |
http://drugsearth.com/x.htm | 200 OK Content-Length: 928 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ./Hacked by black_raptor <object data="http://flash-mp3-player.net/medias/player_mp3.swf" height="0" type="application/x-shockwave-flash" width="0"> <param value="http://flash-mp3-player.net/medias/player_mp3.swf" name="movie"><param value="#eceef5" name="bgcolor"><param value="mp3=http://areyouhacker.org/Points.Of.Authority.mp3&loop=1&autoplay=1&volume=105" name="FlashVars"></object>
<center> <title>./Hacked by black_raptor</title> <link rel="SHORTCUT ICON" href="http://swararakyat.files.wordpress.com/2007/06/indonesia_flag.gif"> <body bgcolor="black"><h1> <center><font size="8" color="white"> <div align="center"> <img src=http://www.iqr0.com/up/uploads/13129125203.jpg img><br> <font size="8" color="red" face="calibri">Got... Root....Brada.. :)</font>& ...[205 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: drugsearth.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Oct 2015 09:33:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 346
Content-Type: text/html;charset=ISO-8859-1
...346 bytes of data.
GET / HTTP/1.1
Host: drugsearth.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Oct 2015 09:33:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 346
Content-Type: text/html;charset=ISO-8859-1
...346 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: drugsearth.com
Referer: http://www.google.com/search?q=drugsearth.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: drugsearth.com
Referer: http://www.google.com/search?q=drugsearth.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=drugsearth.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://drugsearth.com/
Result: drugsearth.com is not infected or malware details are not published yet.
Result: drugsearth.com is not infected or malware details are not published yet.