Scanned pages/files
Request | Server response | Status |
http://maintainweb.co/ | 200 OK Content-Length: 1179 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf
<iframe width='2' height='2' scrolling='no' frameborder='no' src='http://hotelakanksha.com/img/hunter_gujjar-pca.swf'>
Deface/Content modification. The following signature was found: CONTENT=Hacked By Akram Stelle- Algerien Hacker
<HTML><Head> <link rel="shortcut icon" href="http://im86.gulfup.com/aLjVVo.png" /> <body background="http://8pic.ir/images/jq22n5aw8q0jt99ojpdg.gif"> <META NAME="Keywords" CONTENT=Hacked By Akram Stelle- Algerien Hacker""> <Title>Hacked By Akram Stelle</title> <Style TYPE="text/css"> A { text-decoration: none; } </Style> <br /><br /><br /><br /> <p align="center" dir="ltr"> <img border="0" src="http://www11.0zz0.com/2015/06/23/03/952399460 ...[933 bytes skipped]...
http://yourjavascript.com/2146179535/rebel3..js | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://maintainweb.co/test404page.js | 404 Not Found Content-Length: 5350 Content-Type: text/html | clean |
http://maintainweb.co//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 10 Oct 2015 08:26:28 GMT Pragma: no-cache Location: http://maintainweb.co/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ Server: Apache/2.2.22 Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://maintainweb.co/xmlrpc.php X-Powered-By: PHP/5.5.21 | clean |
http://maintainweb.co/ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ | 404 Not Found Content-Length: 5350 Content-Type: text/html | clean |
http://maintainweb.co/wp-content/themes/maintainwebco/assets/js/vendor/modernizr-2.7.0.min.js | 200 OK Content-Length: 15503 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201541 | 200 OK Content-Length: 9885 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2015Octaa | 200 OK Content-Length: 20650 Content-Type: application/x-javascript | clean |
http://maintainweb.co/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.8.11 | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://maintainweb.co/wp-content/themes/maintainwebco/assets/js/scripts.min.js?ver=0fc6af96786d8f267c8686338a34cd38 | 200 OK Content-Length: 29232 Content-Type: application/javascript | clean |
http://stats.wordpress.com/e-201541.js | 200 OK Content-Length: 3334 Content-Type: application/x-javascript | clean |
http://maintainweb.co/blog/ | 200 OK Content-Length: 11227 Content-Type: text/html | clean |
http://maintainweb.co/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=20121205 | 200 OK Content-Length: 38864 Content-Type: application/javascript | clean |
http://maintainweb.co/3-step-sign/ | 200 OK Content-Length: 11056 Content-Type: text/html | clean |
http://maintainweb.co/3-step-sign/?format=pdf | 200 OK Content-Length: 18947 Content-Type: pdf | clean |
http://maintainweb.co/3-step-sign/?share=facebook | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Oct 2015 08:26:38 GMT Location: http://www.facebook.com/sharer.php?u=http%3A%2F%2Fmaintainweb.co%2F3-step-sign%2F&t=3%20Step%20Sign%20Up Server: Apache/2.2.22 Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://maintainweb.co/xmlrpc.php X-Powered-By: PHP/5.5.21 | clean |
http://www.facebook.com/sharer.php?u=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f&t=3%20step%20sign%20up | HTTP/1.1 302 Found Connection: close Date: Sat, 10 Oct 2015 08:26:39 GMT Location: https://www.facebook.com/sharer.php?u=http%3A%2F%2Fmaintainweb.co%2F3-step-sign%2F&t=3+step+sign+up Content-Length: 0 Content-Type: text/html X-FB-Debug: JnOYQjhzSPyvYjuZzsS6I8JZvUB0VtLyu3a1go/yoglzP4FH5UYn9AQYp5VvxhxxVKgMkN5FCpID632giP6QmQ== | clean |
https://www.facebook.com/sharer.php?u=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f&t=3+step+sign+up | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Sat, 10 Oct 2015 08:26:39 GMT Pragma: no-cache Content-Length: 940 Content-Type: text/html;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT X-Content-Type-Options: nosniff X-FB-Debug: tcjglJlGQuXAk6MkLzD80pBGABl2ewAPmpckfGBX4zh4lwzY21UW5rPyFIm4mT6AIDD1IULhabYEbeBb5gwQ4g== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 | clean |
https://www.facebook.com/sharer/sharer.php?u=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f&t=3+step+sign+up | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Sat, 10 Oct 2015 08:26:40 GMT Pragma: no-cache Vary: Accept-Encoding Content-Type: text/html;charset=utf-8 Expires: Sat, 01 Jan 2000 00:00:00 GMT Public-Key-Pins-Report-Only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" Strict-Transport-Security: max-age=15552000; preload X-Content-Type-Options: nosniff X-FB-Debug: UyRLoewgmrOs7qn4DER2CK7m0XTAaCx02yTr9/vOtP5TijLG3cZsChzt768G90xuFqcV4KfWrno5X6fN12kMAQ== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login.php?next=https%3a%2f%2fwww.facebook.com%2fsharer%2fsharer.php%3fu%3dhttp%253a%252f%252fmaintainweb.co%252f3-step-sign%252f%26amp%253bt%3d3%2bstep%2bsign%2bup%26ret%3dlogin&display=popup | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Sat, 10 Oct 2015 08:26:40 GMT Pragma: no-cache Vary: Accept-Encoding Content-Type: text/html Expires: Sat, 01 Jan 2000 00:00:00 GMT Public-Key-Pins-Report-Only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" Strict-Transport-Security: max-age=15552000; preload X-Content-Type-Options: nosniff X-FB-Debug: BCUrAvnsC/ga2qjiSFN4LX5v8Pt2XKc2QzZ3Z2XLZPGtW3zoAtsOM3yy+aBJi0Woh7vZkmLfUTH6fZKO1k9lmA== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
https://www.facebook.com/login.php?next=https%3a%2f%2fwww.facebook.com%2fsharer%2fsharer.php%3fu%3dhttp%253a%252f%252fmaintainweb.co%252f3-step-sign%252f%26amp%253bt%3d3%2bstep%2bsign%2bup%26ret%3dlogin&%3bdisplay=popup&_fb_noscript=1 | HTTP/1.1 200 OK Cache-Control: private, no-cache, no-store, must-revalidate Connection: close Date: Sat, 10 Oct 2015 08:26:40 GMT Pragma: no-cache Vary: Accept-Encoding Content-Type: text/html Expires: Sat, 01 Jan 2000 00:00:00 GMT Public-Key-Pins-Report-Only: max-age=500; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/" Strict-Transport-Security: max-age=15552000; preload X-Content-Type-Options: nosniff X-FB-Debug: Z6vuR+JN24zDuD3hmUR7QrzdB9KhzmjJcSoUVlIrFEY84HAi36oNTYFH8Iz6iWOIND881Gv3c+RHadfadvnxqQ== X-Frame-Options: DENY X-UA-Compatible: IE=edge,chrome=1 X-XSS-Protection: 0 | clean |
http://maintainweb.co/3-step-sign/?share=twitter | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 10 Oct 2015 08:26:41 GMT Location: http://twitter.com/intent/tweet?text=3+Step+Sign+Up&url=http%3A%2F%2Fmaintainweb.co%2F3-step-sign%2F Server: Apache/2.2.22 Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://maintainweb.co/xmlrpc.php X-Powered-By: PHP/5.5.21 | clean |
http://twitter.com/intent/tweet?text=3+step+sign+up&url=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f | HTTP/1.1 301 Moved Permanently Date: Sat, 10 Oct 2015 08:26:42 GMT Location: https://twitter.com/intent/tweet?text=3+step+sign+up&url=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f Server: tsa_b Content-Length: 0 Set-Cookie: ua=m2; Expires=Wed, 14 Oct 2015 12:26:42 UTC; Path=/; Domain=.twitter.com; Secure; HTTPOnly Set-Cookie: guest_id=v1%3A144446560220237459; Domain=.twitter.com; Path=/; Expires=Mon, 09-Oct-2017 08:26:42 UTC X-Connection-Hash: 5bbff15d1a4e3969ddba842b32c4b0b0 X-Response-Time: 3 | clean |
https://twitter.com/intent/tweet?text=3+step+sign+up&url=http%3a%2f%2fmaintainweb.co%2f3-step-sign%2f | 200 OK Content-Length: 5443 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: maintainweb.co
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Oct 2015 08:26:24 GMT
Accept-Ranges: bytes
ETag: "f1a4335-49b-5207b7ca5b9d2"
Server: Apache/2.2.22
Vary: Accept-Encoding,User-Agent
Content-Length: 1179
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 24 Sep 2015 10:13:47 GMT
X-UA-Compatible: IE=edge,chrome=1
...1179 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: maintainweb.co
Referer: http://www.google.com/search?q=maintainweb.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=maintainweb.co
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://maintainweb.co/
Result: maintainweb.co is not infected or malware details are not published yet.