Scanned pages/files
Request | Server response | Status |
http://theopening.net/ | 200 OK Content-Length: 8415 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ...[4338 bytes skipped]... ---> <div style="visibility:hidden;display:none"> </div> <center> <div id="con"> <center><img border="0" src="http://m-h-a-c-k-e-r.persiangig.com/Black.Hack3r/IR.gif"/></center> <font size="3" face="Denk One" color=Black>[ In The Name Of ALLAH ]</font><br></br> <strong> <font size="6" face="Denk One" color=Blue>Hacked By </font><font size="6" face="Denk One" color=Black>D$@d_M@n</font><br> <font size="6" face="Denk One" color=Black>I</font> <font size="6" face="Denk One" color=Red>ranian_</font> <font size="6" face="Denk One" color=Black>D</font> <font size="6" face="Denk One" color=Red>ark_</font> <font size="6" face="Denk One" color=Black>C</font> <font size="6" face="Denk One" color ...[5020 bytes skipped]... | ||
http://m-h-a-c-k-e-r.persiangig.com/Black.Hack3r/ghatarat-shabnam.js | 200 OK Content-Length: 1213 Content-Type: application/x-javascript | clean |
http://theopening.net/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theopening.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 31 Oct 2014 13:37:30 GMT
Accept-Ranges: bytes
ETag: "66f0001-20df-4e88811487480"
Server: Apache
Content-Length: 8415
Content-Type: text/html
Last-Modified: Sat, 12 Oct 2013 09:43:30 GMT
...8415 bytes of data.
GET / HTTP/1.1
Host: theopening.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 31 Oct 2014 13:37:30 GMT
Accept-Ranges: bytes
ETag: "66f0001-20df-4e88811487480"
Server: Apache
Content-Length: 8415
Content-Type: text/html
Last-Modified: Sat, 12 Oct 2013 09:43:30 GMT
...8415 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theopening.net
Referer: http://www.google.com/search?q=theopening.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: theopening.net
Referer: http://www.google.com/search?q=theopening.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theopening.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theopening.net/
Result: theopening.net is not infected or malware details are not published yet.
Result: theopening.net is not infected or malware details are not published yet.