Scanned pages/files
Request | Server response | Status |
http://reddartmarketing.com/ | 200 OK Content-Length: 11126 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: [-] Hacked by KkK1337 [-] ...[5604 bytes skipped]... 20%34%35%29%3B%0A%7D%0A%3C%2F%73%63%72%69%70%74%3E')); </script> <center> <script language=JavaScript>m='%3Cimg%20src%3D%22https%3A//lh3.ggpht.com/flJWbyIQBEenM4VomYx6bGOjHscFod1I7-wUuGoBzkfKG6ol2CDYYZ-t1IEyb_nY1U8%3Dw300%22%3E%3Cbr%3E';d=unescape(m);document.write(d);</script> <img src="http://i.imgur.com/bWmkrLg.png"><br><br><h1>[-] Hacked by KkK1337 [-]<h1/><br> <script Language='Javascript'> document.write(unescape('%3C%62%6F%64%79%20%62%61%63%6B%67%72%6F%75%6E%64%3D%22%68%74%74%70%3A%2F%2F%69%2E%69%6D%67%75%72%2E%63%6F%6D%2F%66%4E%70%78%53%35%33%2E%70%6E%67%22%3E')); </script> <script language=JavaScript>m='%3Cembed%20src%3D%22http%3A//www.youtube.com/v/tVXpIoDInhQ%26autoplay%3D1%22%20type%3D%22application/x-shockwave-flash%22%20wmode%3D%22transparent%22%20width%3D ...[5084 bytes skipped]... | ||
http://hck.ru.cx/snow.js | 500 Can't connect to hck.ru.cx:80 Content-Length: 184 Content-Type: text/plain | clean |
http://hck.ru.cx/test404page.js | 500 Can't connect to hck.ru.cx:80 Content-Length: 184 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: reddartmarketing.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Dec 2015 09:57:32 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 11126
Content-Type: text/html
Last-Modified: Mon, 08 Sep 2014 11:31:02 GMT
...11126 bytes of data.
GET / HTTP/1.1
Host: reddartmarketing.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 05 Dec 2015 09:57:32 GMT
Accept-Ranges: bytes
Server: nginx/1.8.0
Content-Length: 11126
Content-Type: text/html
Last-Modified: Mon, 08 Sep 2014 11:31:02 GMT
...11126 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: reddartmarketing.com
Referer: http://www.google.com/search?q=reddartmarketing.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: reddartmarketing.com
Referer: http://www.google.com/search?q=reddartmarketing.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=reddartmarketing.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://reddartmarketing.com/
Result: reddartmarketing.com is not infected or malware details are not published yet.
Result: reddartmarketing.com is not infected or malware details are not published yet.