Scanned pages/files
Request | Server response | Status |
http://gambande.com/ | 200 OK Content-Length: 4470 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked by El plan maestro ...[572 bytes skipped]... Timeout("titulo()",200);} titulo(); // --> </script> <br><span class="wglow" style="font-family: Courier;"><b> </b></span><a href=""target="blank"><class="evil" onclick="meow()"><b><span style="color: RED;"></span></b></button></a><center><font size="8" color="RED" face="Schoolbully"> HaCked by El plan maestro </font><br></center> <br> </head> <body text="#FF0000" bgcolor="#000000"> <p align="center"> <center><img border="0" src="http://i59.tinypic.com/migto2.png"></center><br><br><br><center><font size="6" color="WHITE" face="Schoolbully">#Ciberataque, El internet es libre, no hay lÃderes</font><br><fon ...[3821 bytes skipped]... | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://gambande.com/test404page.js | 404 Not Found Content-Length: 1149 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gambande.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 01 May 2014 07:10:03 GMT
Server: LiteSpeed
Content-Length: 4470
Content-Type: text/html
...4470 bytes of data.
GET / HTTP/1.1
Host: gambande.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 01 May 2014 07:10:03 GMT
Server: LiteSpeed
Content-Length: 4470
Content-Type: text/html
...4470 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gambande.com
Referer: http://www.google.com/search?q=gambande.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gambande.com
Referer: http://www.google.com/search?q=gambande.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gambande.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gambande.com/
Result: gambande.com is not infected or malware details are not published yet.
Result: gambande.com is not infected or malware details are not published yet.