Scanned pages/files
| Request | Server response | Status |
http://shopthocon.info/ | 200 OK Content-Length: 3720 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Mzabi Ghost & Mr.Black Ghost Dz <html><title>Hacked By Mzabi Ghost & Mr.Black Ghost Dz </title><head><meta name="ROBOTS" content="INDEX, NOFOLLOW"> <meta name="ROBOTS" content="INDEX, NOFOLLOW"> <script src="//i.skimresources.com/api/?callback=skimwordsSettingsCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22http%3A%2F%2Fwww.immobiliervalenciennes.fr%2F%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A%2262117X ...[4152 bytes skipped]... | ||
http://shopthocon.info//i.skimresources.com/api/?callback=skimwordsSettingsCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22http%3A%2F%2Fwww.immobiliervalenciennes.fr%2F%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A%2262117X1389296%22%7D&version=10&js=1/ | HTTP/1.1 302 Found Connection: close Date: Sun, 20 Dec 2015 08:44:31 GMT Location: http://error404.000webhost.com/? Server: Apache Content-Length: 216 Content-Type: text/html; charset=iso-8859-1 | clean |
http://error404.000webhost.com/? | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js | 200 OK Content-Length: 95931 Content-Type: text/javascript | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
http://error404.000webhost.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/js/jquery.main.js/ | 200 OK Content-Length: 17249 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shopthocon.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Dec 2015 08:44:31 GMT
Server: Apache
Content-Length: 3720
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...3720 bytes of data.
GET / HTTP/1.1
Host: shopthocon.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 20 Dec 2015 08:44:31 GMT
Server: Apache
Content-Length: 3720
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...3720 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shopthocon.info
Referer: http://www.google.com/search?q=shopthocon.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shopthocon.info
Referer: http://www.google.com/search?q=shopthocon.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shopthocon.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shopthocon.info/
Result: shopthocon.info is not infected or malware details are not published yet.
Result: shopthocon.info is not infected or malware details are not published yet.