Scanned pages/files
Request | Server response | Status |
http://ramadavikinghotel.com/ | 200 OK Content-Length: 6451 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by Hmei7 <title>hacked by Hmei7</title>
<style type="text/css"> body {background-color: black;} .matrix { font-size:17pt; text-align:center; width:20px; padding:0px; margin:0px;} a:link, a:visited {font-weight:normal; text-decoration:none; color:#00ff00;} a:hover {text-decoration:none;} </style> <br><br><br><br><br> <script type="text/javascript ...[7116 bytes skipped]... | ||
http://ramadavikinghotel.com/index_.php | HTTP/1.1 200 OK Connection: close Date: Sun, 31 Aug 2014 14:20:23 GMT Server: Apache/1.3.39 (Unix) PHP/5.2.5 mod_throttle/3.1.2 mod_psoft_traffic/0.2 mod_ssl/2.8.29 OpenSSL/0.9.7a Content-Type: text/html X-Powered-By: PHP/5.2.5 | clean |
http://82.195.144.16/welcome.php?domain=ramadavikinghotel.com&idomain=d4634946.e114.conceptireland.com&cpurl=http%3a%2f%2fcp.conceptireland.com%3a80%2fpsoft%2fservlet%2fpsoft.hsphere.cp&ssurl=http%3a%2f%2f82.195.128.67%3a80%2fstudio%2fservlet%2fpsoft.masonry.builder&ssclass=/studio/servlet/psoft.masonry.builder&lid=4634943&login=ramada&dir=ramadavikinghotel.com | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://82.195.144.16/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://ramadavikinghotel.com/index_.html | 200 OK Content-Length: 4533 Content-Type: text/html | clean |
http://ramadavikinghotel.com/index_.htm | 404 Not Found Content-Length: 1832 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ramadavikinghotel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 31 Aug 2014 14:20:22 GMT
Accept-Ranges: bytes
ETag: "1382b6-1933-50e25513"
Server: Apache/1.3.39 (Unix) PHP/5.2.5 mod_throttle/3.1.2 mod_psoft_traffic/0.2 mod_ssl/2.8.29 OpenSSL/0.9.7a
Content-Length: 6451
Content-Type: text/html
Last-Modified: Tue, 01 Jan 2013 03:16:35 GMT
...6451 bytes of data.
GET / HTTP/1.1
Host: ramadavikinghotel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 31 Aug 2014 14:20:22 GMT
Accept-Ranges: bytes
ETag: "1382b6-1933-50e25513"
Server: Apache/1.3.39 (Unix) PHP/5.2.5 mod_throttle/3.1.2 mod_psoft_traffic/0.2 mod_ssl/2.8.29 OpenSSL/0.9.7a
Content-Length: 6451
Content-Type: text/html
Last-Modified: Tue, 01 Jan 2013 03:16:35 GMT
...6451 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ramadavikinghotel.com
Referer: http://www.google.com/search?q=ramadavikinghotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ramadavikinghotel.com
Referer: http://www.google.com/search?q=ramadavikinghotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ramadavikinghotel.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ramadavikinghotel.com/
Result: ramadavikinghotel.com is not infected or malware details are not published yet.
Result: ramadavikinghotel.com is not infected or malware details are not published yet.