Scanned pages/files
| Request | Server response | Status |
http://web301host.com/ | 200 OK Content-Length: 7202 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY SyR!4N M43STR0 <?php
function message(){ if(isset($_GET['msg']) || !isset($_GET['img']) && !isset($_GET['vid']) && !isset($_GET['abt']) ){ echo"<img style='padding :10px;float:right; margin:0px;' src='http://www5.0zz0.com/2014/01/06/01/181247766.jpg' width='180' height='200' ><p><h3>HACKED BY SyR!4N M43STR0</h3></p><p>Message For All :</p> Hello dear users (( when usa attack Syria .. syrian arabic army will destroy Israel and Saudi Arabia and remove them from map do not try us : <a target='_blank' style='text-decoration:none;color:yellow;' href='</a> from Syria , we are not a governmental organization nor follow political institution . we are youth live in Syria , we were forced to break ...[7937 bytes skipped]... | ||
http://jj.revolvermaps.com/2/1.js?i=9zhsj7n7be6&s=220&m=0&v=false&r=false&b=444444&n=false&c=444444 | 200 OK Content-Length: 2146 Content-Type: application/javascript | clean |
http://web301host.com/</a> from Syria , we are not a governmental organization nor follow political institution . we are youth live in Syria , we were forced to break in and hack your site as other many websites to deliver to you a message from the Syrian Arab people : to tell the truth that occur in our country Syria and that your governments hide from you with the help of false hypocrite med <span>...96 symbols skipped</span> | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
http://web301host.com/</ | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://web301host.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://web301host.com/</a> <br><br>
i am <a target= | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://web301host.com/?msg | 200 OK Content-Length: 7202 Content-Type: text/html | clean |
http://web301host.com/?img | 200 OK Content-Length: 7202 Content-Type: text/html | clean |
http://web301host.com/?vid | 200 OK Content-Length: 7202 Content-Type: text/html | clean |
http://web301host.com/?abt | 200 OK Content-Length: 7202 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: web301host.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Mar 2015 07:03:17 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 7202
Content-Type: text/html
Last-Modified: Wed, 21 Jan 2015 23:20:16 GMT
...7202 bytes of data.
GET / HTTP/1.1
Host: web301host.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 27 Mar 2015 07:03:17 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 7202
Content-Type: text/html
Last-Modified: Wed, 21 Jan 2015 23:20:16 GMT
...7202 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: web301host.com
Referer: http://www.google.com/search?q=web301host.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: web301host.com
Referer: http://www.google.com/search?q=web301host.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=web301host.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://web301host.com/
Result: web301host.com is not infected or malware details are not published yet.
Result: web301host.com is not infected or malware details are not published yet.