Scanned pages/files
Request | Server response | Status |
http://travoprost.net/ | 200 OK Content-Length: 91557 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ! Hacked By aMIr-FucKeR _ Mr_BL4cKH3T ...[13302 bytes skipped]... /style><\/head><body link=\"green\" vlink=\"pink\" alink=\"green\" bgcolor=\"Black\"><br>\r\n<div align=\"center\"><img src=\"http:\/\/8pic.ir\/images\/rp0hy7urogpq5v5lm19k.jpg\" alt=\"\" hspace=\"0\" vspace=\"0\" align=\"bottom\" border=\"0\"> <\/div>\r\n\r\n\r\n\r\n<b<br><br>\r\n<center><b>\r\n<font size=\"50\"><font color=\"red\">! Hacked By aMIr-FucKeR _ Mr_BL4cKH3T <\/font><font color=\"green\"> <\/font><font color=\"red\">!<\/font><font size=\"4\"><br>\r\n\r\n\r\n<br><b>\r\n<h3><font color=\"white\"><\/font><font color=\"white\"> <\/font><font color=\"white\"> Fr : .::|| MR-R9T ||::. .::|| FasT ReaCtoR ||::. .::|| NigHT_WO1F ||::.\r\n <\/font><\/h3><br>\r\n\r\n<font size=\"6\"><font color=\"orang\">< ...[84777 bytes skipped]... | ||
http://up.raft25.ir/up/raft/Js-abzar/Baran.js | 200 OK Content-Length: 3841 Content-Type: application/javascript | clean |
http://travoprost.net/contact-us/ | 200 OK Content-Length: 49576 Content-Type: text/html | clean |
http://travoprost.net/privacy/ | 200 OK Content-Length: 50252 Content-Type: text/html | clean |
http://travoprost.net/is-there-something-better-than-zetaclear/ | 200 OK Content-Length: 55537 Content-Type: text/html | clean |
http://travoprost.net/author/manager4/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 25 Oct 2015 13:04:34 GMT Location: http://travoprost.net Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.29 | clean |
http://travoprost.net/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 25 Oct 2015 13:04:35 GMT Location: http://travoprost.net Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.4.29 | clean |
http://travoprost.net/category/general/ | 200 OK Content-Length: 58832 Content-Type: text/html | clean |
http://travoprost.net/tag/zetaclear/ | 200 OK Content-Length: 54304 Content-Type: text/html | clean |
http://travoprost.net/great-tips-to-look-your-best/ | 200 OK Content-Length: 53131 Content-Type: text/html | clean |
http://travoprost.net/tag/looking-your-best/ | 200 OK Content-Length: 52379 Content-Type: text/html | clean |
http://travoprost.net/more-thoughts-on-trichotillomania/ | 200 OK Content-Length: 57656 Content-Type: text/html | clean |
http://travoprost.net/category/health/ | 200 OK Content-Length: 94617 Content-Type: text/html | clean |
http://travoprost.net/tag/trichotillomania/ | 200 OK Content-Length: 63420 Content-Type: text/html | clean |
http://travoprost.net/trichotillomania-compared/ | 200 OK Content-Length: 55990 Content-Type: text/html | clean |
http://travoprost.net/exploring-mental-health/ | 200 OK Content-Length: 58376 Content-Type: text/html | clean |
http://travoprost.net/tag/mental-health/ | 200 OK Content-Length: 56921 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: travoprost.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 25 Oct 2015 13:04:26 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.29
GET / HTTP/1.1
Host: travoprost.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 25 Oct 2015 13:04:26 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: travoprost.net
Referer: http://www.google.com/search?q=travoprost.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: travoprost.net
Referer: http://www.google.com/search?q=travoprost.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=travoprost.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://travoprost.net/
Result: travoprost.net is not infected or malware details are not published yet.
Result: travoprost.net is not infected or malware details are not published yet.