Scanned pages/files
Request | Server response | Status |
http://keepthebeat.net/ | 200 OK Content-Length: 5401 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY X-WARRIOR ...[71 bytes skipped]... > <html><head> <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <script language='JavaScript'><!-- Beginvar scrl = ' Free Palestine ';function scrlsts() { scrl = scrl.substring(1, scrl.length) + scrl.substring(0, 1); document.title = scrl; setTimeout('scrlsts()', 300); }// End --></script><title>HACKED BY X-WARRIOR</title> <style type='text/css'> body{background:url(http://www.madtomatoe.com/wp-content/uploads/2010/11/matrix-animated-image.gif)}#tw{width:600px;height:265px;border:1px solid #007f00;background:url(http://fonts.googleapis.com/css?family=Iceland Condensed;font-size:18px;color:#0c0;margin:0 auto}</style> <link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/c ...[5418 bytes skipped]... | ||
http://keepthebeat.net/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: keepthebeat.net
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 09 Dec 2014 13:04:06 GMT
Server: Microsoft-IIS/6.0
Content-Length: 5401
Content-Type: text/html; charset=utf-8
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (l 0 s 0 v 0 o 0))
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...5401 bytes of data.
GET / HTTP/1.1
Host: keepthebeat.net
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Tue, 09 Dec 2014 13:04:06 GMT
Server: Microsoft-IIS/6.0
Content-Length: 5401
Content-Type: text/html; charset=utf-8
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (v 0 s 0 n 0 l 0))
PICS-Label: (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0))(PICS-1.0 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (v 0 s 0 n 0 l 0))(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l by "tmcnabb@houma.com" on "2010.12.16T09:33-0600" exp "2011.12.16T12:00-0600" r (l 0 s 0 v 0 o 0))
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...5401 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: keepthebeat.net
Referer: http://www.google.com/search?q=keepthebeat.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: keepthebeat.net
Referer: http://www.google.com/search?q=keepthebeat.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=keepthebeat.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://keepthebeat.net/
Result: keepthebeat.net is not infected or malware details are not published yet.
Result: keepthebeat.net is not infected or malware details are not published yet.