Scanned pages/files
Request | Server response | Status |
http://knddb.com/ | HTTP/1.1 200 OK Date: Sun, 07 Sep 2014 18:44:12 GMT Accept-Ranges: bytes ETag: "6a4b3434cef8cd1:169f" Server: Microsoft-IIS/6.0 Content-Length: 14260 Content-Location: http://knddb.com/Default.htm Content-Type: text/html Last-Modified: Tue, 22 Jan 2013 18:27:58 GMT X-Powered-By: ASP.NET | clean |
http://knddb.com/default.htm | 200 OK Content-Length: 14260 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By RedSpy - Yildiray ...[584 bytes skipped]... <!-- Begin function disableselect(e){ return false } function reEnable(){ return true } document.onselectstart=new Function ("return false") if (window.sidebar){ document.onmousedown=disableselect document.onclick=reEnable } // End --> </script> <!-- no txt fin --> <!-- codigo inicio --> <title>Hacked By RedSpy - Yildiray </title> <link href="Myanmar%20Hackers%20Unite4m_dosyalar/css.css" rel="stylesheet" type="text/css"> <style> IMG.HoverBorder {border:5px solid #eee;} body { background-color: rgb(153, 153, 153); background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAGQAAABkCAIAAAD/gAIDAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAHK5JREFUeNrsnelaHDfThulhGTAYfP6nlfXK4iQ+AoPBMCye75Hu7puih9iO19fJNz+4enq6pVKpVMtTJTG8ePFia ...[13843 bytes skipped]... | ||
http://knddb.com/Myanmar%20Hackers%20Unite4m_dosyalar/ga.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
http://knddb.com/test404page.js | 404 Not Found Content-Length: 1308 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: knddb.com
Result:
HTTP/1.1 200 OK
Date: Sun, 07 Sep 2014 18:44:12 GMT
Accept-Ranges: bytes
ETag: "6a4b3434cef8cd1:169f"
Server: Microsoft-IIS/6.0
Content-Length: 14260
Content-Location: http://knddb.com/Default.htm
Content-Type: text/html
Last-Modified: Tue, 22 Jan 2013 18:27:58 GMT
X-Powered-By: ASP.NET
...14260 bytes of data.
GET / HTTP/1.1
Host: knddb.com
Result:
HTTP/1.1 200 OK
Date: Sun, 07 Sep 2014 18:44:12 GMT
Accept-Ranges: bytes
ETag: "6a4b3434cef8cd1:169f"
Server: Microsoft-IIS/6.0
Content-Length: 14260
Content-Location: http://knddb.com/Default.htm
Content-Type: text/html
Last-Modified: Tue, 22 Jan 2013 18:27:58 GMT
X-Powered-By: ASP.NET
...14260 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: knddb.com
Referer: http://www.google.com/search?q=knddb.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: knddb.com
Referer: http://www.google.com/search?q=knddb.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=knddb.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://knddb.com/
Result: knddb.com is not infected or malware details are not published yet.
Result: knddb.com is not infected or malware details are not published yet.