Scanned pages/files
Request | Server response | Status |
http://sodsri.info/ | 200 OK Content-Length: 70736 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by saeed afee ...[52234 bytes skipped]... ;td bgcolor="#E5E5E5" width="25%"><CENTER><B>วันที่</B></CENTER></td> </tr> <tr><td colspan="3" height=1 class="dotline"></td></tr> <tr height="20"><td bgcolor="#F0F0F0"><IMG SRC="images/icon/dok.gif" BORDER="0" ALIGN="absmiddle"> <B>00007 : </B> <A HREF="?name=webboard&file=read&id=7" target="_blank">hacked by saeed afee</A><FONT FACE="tahoma" COLOR="#808080">(583/1)</FONT></td> <td bgcolor="#F0F0F0" width="120"><CENTER><B><FONT COLOR="#6600FF"><IMG SRC="images/human.gif" BORDER="0" ALIGN="absmiddle"> <B><FONT COLOR="#FF0066">vjvjjhjjjjjhjhfghfds</FONT></B></CENTER></td> <td bgcolor="#F0F0F0" width="120"><CENTER><FONT COLOR="#339900">19 ส.ค. 2557 : 18:45</FONT></CENT ...[34362 bytes skipped]... | ||
http://sodsri.info/highslide/highslide.js | 200 OK Content-Length: 45234 Content-Type: application/javascript | clean |
http://sodsri.info/highslide/highslide-html.js | 200 OK Content-Length: 13700 Content-Type: application/javascript | clean |
http://sodsri.info/java.js | 200 OK Content-Length: 656 Content-Type: application/javascript | clean |
http://guru.sanook.com/gadget/gadget_tis620.js | 200 OK Content-Length: 227 Content-Type: text/javascript | clean |
http://sodsri.info/modules/randomimg/contentslider.js | 200 OK Content-Length: 10732 Content-Type: application/javascript | clean |
http://sodsri.info/modules/smiletag/smiletag-script.js | 200 OK Content-Length: 3301 Content-Type: application/javascript | clean |
http://sodsri.info/index.php | 200 OK Content-Length: 70736 Content-Type: text/html | clean |
http://sodsri.info/?name=news | 200 OK Content-Length: 53541 Content-Type: text/html | clean |
http://sodsri.info/?name=download | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 09 Sep 2014 10:11:48 GMT Pragma: no-cache Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=9d6v6d308ui36761ckbfh5v8o0; path=/ X-Powered-By: PHP/5.3.25 | clean |
http://sodsri.info/index.php?name=member | 200 OK Content-Length: 60004 Content-Type: text/html | clean |
http://sodsri.info/?name=admin | 200 OK Content-Length: 11413 Content-Type: text/html | clean |
http://sodsri.info/test404page.js | 404 Not Found Content-Length: 481 Content-Type: text/html | clean |
http://sodsri.info/?name=page&file=page&op=new10 | 200 OK Content-Length: 101804 Content-Type: text/html | clean |
http://sodsri.info/?name=page&file=page&op=goodproject | 200 OK Content-Length: 52616 Content-Type: text/html | clean |
http://sodsri.info/?name=page&file=page&op=nited | 200 OK Content-Length: 34164 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sodsri.info
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 09 Sep 2014 10:11:32 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="NOI NID"
Set-Cookie: PHPSESSID=078iqd6s91gd1pbivbrkc0opv5; path=/
Set-Cookie: gcount_unique=index; expires=Wed, 10-Sep-2014 10:11:32 GMT
X-Powered-By: PHP/5.3.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: sodsri.info
Referer: http://www.google.com/search?q=sodsri.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sodsri.info
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sodsri.info/
Result: sodsri.info is not infected or malware details are not published yet.