Scanned pages/files
| Request | Server response | Status |
http://ecocloudstudio.com/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://ecocloudstudio.com/test404page.js | 404 Not Found Content-Length: 85894 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By sheytan azzam ...[552 bytes skipped]... TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="Content-Language" content="fa"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <link rel="shortcut icon" type="image/gif" href="http://trcs.comxa.com/up/59a464736661.png"> <title>Hacked By sheytan azzam</title> <meta http-equiv="content-type" content="text/html; charset=windows-1252"></head><body onload="type_text()" onclick='alert("Hacked by sheytan azzam \m/'> <style type="text/css" media="all"> html, body {margin: 0;padding: 0; } #text-shadow-box { position: fixed; left: 0; right: 0; ...[146425 bytes skipped]... | ||
https://ecocloudstudio.com/ | 200 OK Content-Length: 220441 Content-Type: text/html | clean |
https://ecocloudstudio.com/sample-page/ | 200 OK Content-Length: 125212 Content-Type: text/html | clean |
https://ecocloudstudio.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 26 Dec 2014 11:54:42 GMT Pragma: no-cache Location: !DOCTYPE_html_PUBLIC_-//W3C//DTD_XHTML_1_0_Transitional//EN_http://www_w3_org/TR/xhtml1/DTD/xhtml1-transitional_dtdhtml_xmlns=%22http%3A%2F%2Fwww.w3.org%2F1999%2Fxhtml%22+xml%3Alang%3D%22en%22+lang%3D%22en%22%3E%3Chead%3E%3Cmeta+http-equiv%3D%22Content-Language%22+content%3D%22fa%22%3E%3Cmeta+http-equiv%3D%22Content-Type%22+content%3D%22text%2Fhtml%3B+charset%3DUTF-8%22%3E%3Clink+rel%3D%22shortcut+icon%22+type%3D%22image%2Fgif%22+href%3D%22http%3A%2F%2Ftrcs.comxa.com%2Fup%2F59a464736661.png%22%3E%3Ctitle%3EHacked+By+sheytan+azzam%3C%2Ftitle%3E%09%3Cmeta+http-equiv%3D%22content-type%22+content%3D%22text%2Fhtml%3B+charset%3Dwindows-1252%22%3E%3C%2Fhead%3E%3Cbody+onload%3D%22type_text%28%29%22+onclick%3D%27alert%28%22Hacked+by+sheytan+azzam++%5Cm%2F%27%3E%3Cstyle+type%3D%22text%2Fcss%22+media%3D%22all%22%3Ehtml%2Cbody+%7Bmargin%3A+0%3Bpadding%3A+0%3B%7D&redirect_to=https%3A%2F%2Fecocloudstudio.com%2Fwp-admin%2F&reauth=1#text-shadow-boxposition:fixed;left:0;right:0;top:0;bottom:0;width:100%;height:100%;overflow:hidden;font-family:Rockwell,candara;-webkit-tap-highlight-color:rgba0,0,0,0;-webkit-user-select:none;#text-shadow-box#tsb-text,#text-shadow-box#tsb-linkposition:absolute;top:40%;left:0;width:100%;height:1em;margin:-0.77em000;font-size:70px;line-height:1em;font-weight:bold;text-align:center;color:lime;#text-shadow-box#tsb-textfont-size:100px;color:transparent;text-shadow:black0px-45.2px19px;#text-shadow-box#tsb-linkacolor:#FFFFFF;text-decoration:none;#text-shadow-box#tsb-box,#text-shadow-box#tsb-wallposition:absolute;top:41%;left:0;width:100%;height:60%;#text-shadow-box#tsb-box-webkit-box-shadow:black0px-45.2px39px;-moz-box-shadow:black0px-45.2px39px;#text-shadow-box#tsb-wallbackground:#000;#text-shadow-box#tsb-wallpposition:relative;font-size:15px;line-height:1.5em;text-align:justify;color:#222;width:550px;margin:1.5emauto;cursor:default;#text-shadow-box#tsb-wallpacolor:#fff;#text-shadow-box#tsb-wallpa:hovertext-decoration:none;color:#000;background-color:black;#tsb-spotposition:absolute;top:-50%;left:-50%;width:200%;height:200%;pointer-events:none;background:-webkit-gradientradial,centercenter,0,centercenter,450,fromrgba0,0,0,0,torgba0,0,0,1;background:-moz-radial-gradientcenter45deg,circleclosest-side,transparent0,black450px;/style!--ifIEstyletype=text/css/SadlynoIE9supportforpointer-events:none;norCSS2text-shadow/#tsb-spotdisplay:none;#tsb-ieposition:absolute;top:-90%;left:-50%;width:200%;height:334%;background-color:black;/style!endif--/headbodybackground=http://srza.webatu.com/up/6786bbe51b83.jpgdivid=text-shadow-boxdivstyle=box-shadow:0px-31.2px36pxblack;id=tsb-box/divpstyle=text-shadow:7.6px-31.2px16pxblack;id=tsb-textHackedBysheytanazzam/ppid=tsb-linkHackedBysheytanazzam/pdivid=tsb-wallbrp/pcenterfontcolor=limecenterh1blinkIranianHackerAreTheBests/blink/h1brh1blinkTnxToo:sinalizard/blink/h1brh1blinkmyI!D:greenfield14btinternet.com/blink/h1brfontcolor=limebr/centerp/pcenterfontcolor=securityislow/font/marqueeb/b/font/center/divfontcolor=#ff0000face=Tahomasize=4bdivstyle=background-position:-19px-27px;id=tsb-spot/div/b/font/divfontcolor=#ff0000face=Tahomasize=4bscripttype=text/javascriptlanguage=javascriptcharset=utf-8/-Well-justhappy_IWillReturn...IWillFindU.../vartext=null;varspot=null;varbox=null;varboxProperty=;init;functioninittext=document.getElementByIdtsb-text;spot=document.getElementByIdtsb-spot;box=document.getElementByIdtsb-box;iftypeofbox.style.webkitBoxShadow==stringboxProperty=webkitBoxShadow;elseiftypeofbox.style.MozBoxShadow==stringboxProperty=MozBoxShadow;elseiftypeofbox.style.boxShadow==stringboxProperty=boxShadow;iftext&&spot&&boxdocument.getElementByIdtext-shadow-box.onmousemove=onMouseMove;document.getElementByIdtext-shadow-box.ontouchmove=functionee.preventDefault;e.stopPropagation;onMouseMoveclientX:e.touches0.clientX,clientY:e.touches0.clientY;;functiononMouseMoveeiftypeofe===undefinedtypeofe.clientX===undefinedreturn;varxm=e.clientX-Math.floorwindow.innerWidth/20.4;varym=e.clientY-Math.floorwindow.innerHeight/30.4;vard=Math.roundMath.sqrtxmxm+ymym/5;text.style.textShadow=-xm+px+-ym+px+d+10+pxblack;ifboxPropertybox.styleboxProperty=0+-ym+px+d+30+pxblack;xm=e.clientX-Math.floorwindow.innerWidth/2;ym=e.clientY-Math.floorwindow.innerHeight/2;spot.style.backgroundPosition=xm+px+ym+px;/scriptbrOBJECTtype=application/x-shockwave-flashdata=http://rozup.ir/up/nootepad/d94784892f3cbdc91.swfwidth=6height=1PARAMname=movievalue=http://rozup.ir/up/nootepad/d94784892f3cbdc91.swfhttp://uploadazad.com/uploads/i8mq_slider1.jsPARAMname=bgcolorvalue=#000000/OBJECT/body/wp-login.php Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/11.5 Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.3.29 | clean |
https://ecocloudstudio.com/wp-admin/!doctype_html_public_-//w3c//dtd_xhtml_1_0_transitional//en_http://www_w3_org/tr/xhtml1/dtd/xhtml1-transitional_dtdhtml_xmlns=%22http%3a%2f%2fwww.w3.org%2f1999%2fxhtml%22+xml%3alang%3d%22en%22+lang%3d%22en%22%3e%3chead%3e%3cmeta+http-equiv%3d%22content-language%22+content%3d%22fa%22%3e%3cmeta+http-equiv%3d%22content-type%22+content%3d%22text%2fhtml%3b+charset%3d <span>...566 symbols skipped</span> | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 26 Dec 2014 11:54:47 GMT Pragma: no-cache Location: https://ecocloudstudio.com/wp-admin/!doctype_html_public_-/w3c/dtd_xhtml_1_0_transitional/en_http:/www_w3_org/tr/xhtml1/dtd/xhtml1-transitional_dtdhtml_xmlns=%22http%3a%2f%2fwww.w3.org%2f1999%2fxhtml%22+xml%3alang%3d%22en%22+lang%3d%22en%22%3e%3chead%3e%3cmeta+http-equiv%3d%22content-language%22+content%3d%22fa%22%3e%3cmeta+http-equiv%3d%22content-type%22+content%3d%22text%2fhtml%3b+charset%3dutf-8%22%3e%3clink+rel%3d%22shortcut+icon%22+type%3d%22image%2fgif%22+href%3d%22http%3a%2f%2ftrcs.comxa.com%2fup%2f59a464736661.png%22%3e%3ctitle%3ehacked+by+sheytan+azzam%3c%2ftitle%3e%09%3cmeta+http-equiv%3d%22content-type%22+content%3d%22text%2fhtml%3b+charset%3dwindows-1252%22%3e%3c%2fhead%3e%3cbody+onload%3d%22type_text%28%29%22+onclick%3d%27alert%28%22hacked+by+sheytan+azzam++%5cm%2f%27%3e%3cstyle+type%3d%22text%2fcss%22+media%3d%22all%22%3ehtml%2cbody+%7bmargin%3a+0%3bpadding%3a+0%3b%7d&redirect_to=https%3a%2f%2fecocloudstudio.com%2fwp-admin%2f&reauth=1 Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips DAV/2 mod_jk/1.2.37 mod_bwlimited/1.4 mod_qos/11.5 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.3.29 | clean |
https://ecocloudstudio.com/wp-admin/!doctype_html_public_-/w3c/dtd_xhtml_1_0_transitional/en_http:/www_w3_org/tr/xhtml1/dtd/xhtml1-transitional_dtdhtml_xmlns=%22http%3a%2f%2fwww.w3.org%2f1999%2fxhtml%22+xml%3alang%3d%22en%22+lang%3d%22en%22%3e%3chead%3e%3cmeta+http-equiv%3d%22content-language%22+content%3d%22fa%22%3e%3cmeta+http-equiv%3d%22content-type%22+content%3d%22text%2fhtml%3b+charset%3dutf- <span>...562 symbols skipped</span> | 404 Not Found Content-Length: 85894 Content-Type: text/html | clean |
https://ecocloudstudio.com/wp-admin/!doctype_html_public_-/w3c/dtd_xhtml_1_0_transitional/en_http:/www_w3_org/tr/xhtml1/dtd/ | 500 Internal Server Error Content-Length: 679 Content-Type: text/html | clean |
https://ecocloudstudio.com/blog/2014/04/28/a-simple-post/ | 200 OK Content-Length: 125148 Content-Type: text/html | clean |
https://ecocloudstudio.com/blog/author/sysadmin/ | 200 OK Content-Length: 184756 Content-Type: text/html | clean |
https://ecocloudstudio.com/blog/2014/03/27/another-fancy-wp-to-fb-post/ | 200 OK Content-Length: 118850 Content-Type: text/html | clean |
https://ecocloudstudio.com/wp-content/uploads/2014/03/Looking_down_on_NYC3_Wallpaper_by_lowjacker.jpg | 200 OK Content-Length: 303104 Content-Type: image/jpeg | clean |
https://ecocloudstudio.com/blog/2014/03/27/wordpress-to-facebook-integration-test/ | 200 OK Content-Length: 120895 Content-Type: text/html | clean |
https://ecocloudstudio.com/wp-content/uploads/2014/03/169_digitalbrain.jpg | 200 OK Content-Length: 303104 Content-Type: image/jpeg | clean |
https://ecocloudstudio.com/blog/2014/03/21/hello-world/ | 200 OK Content-Length: 209767 Content-Type: text/html | clean |
https://ecocloudstudio.com/blog/2014/03/21/hello-world/?replytocom=1 | 200 OK Content-Length: 209834 Content-Type: text/html | clean |
https://ecocloudstudio.com/blog/2014/04/ | 200 OK Content-Length: 87105 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ecocloudstudio.com
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
GET / HTTP/1.1
Host: ecocloudstudio.com
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: ecocloudstudio.com
Referer: http://www.google.com/search?q=ecocloudstudio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ecocloudstudio.com
Referer: http://www.google.com/search?q=ecocloudstudio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ecocloudstudio.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ecocloudstudio.com/
Result: ecocloudstudio.com is not infected or malware details are not published yet.
Result: ecocloudstudio.com is not infected or malware details are not published yet.