Scanned pages/files
Request | Server response | Status |
http://thefaanshop.be/ | 200 OK Content-Length: 896 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY S3N4T0R <!DOCTYPE HTML> <html lang="en-US"> <head> <p align=center> <meta charset="UTF-8"> <title> HACKED BY S3N4T0R</title> <style type="text/css"> .yami{font-family:impact;font-size:75px;font-weight:500;} </style> </head> <body> <center><img src="http://img.freeflagicons.com/thumb/fluttering_flag/azerbaijan/azerbaijan_640.png" /><br> <span class="yami">Hacked By S3N4T0R | Hacked By GL0B4L </b></sp ...[589 bytes skipped]... | ||
http://thefaanshop.be/test404page.js | 404 Not Found Content-Length: 462 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thefaanshop.be
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 28 Feb 2015 16:20:07 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7113f5db68ffde6439e37b6234e2753a=1731a12481bedf6b4d467e25e6630445; path=/
X-Powered-By: PHP/5.4.34
GET / HTTP/1.1
Host: thefaanshop.be
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 28 Feb 2015 16:20:07 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 7113f5db68ffde6439e37b6234e2753a=1731a12481bedf6b4d467e25e6630445; path=/
X-Powered-By: PHP/5.4.34
Second query (visit from search engine):
GET / HTTP/1.1
Host: thefaanshop.be
Referer: http://www.google.com/search?q=thefaanshop.be
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thefaanshop.be
Referer: http://www.google.com/search?q=thefaanshop.be
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thefaanshop.be
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thefaanshop.be/
Result: thefaanshop.be is not infected or malware details are not published yet.
Result: thefaanshop.be is not infected or malware details are not published yet.