Scanned pages/files
Request | Server response | Status |
http://redrebana.com/ | 200 OK Content-Length: 3178 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By : Version 2 ...[227 bytes skipped]... ="0" type="application/x-shockwave-flash"><param value="#ffffff" name="bgcolor" /><param value="mp3=http://api.ning.com/files/c9o2k-qynZrIL1ejfFhvRZympB2CifaTjQRl*U-1gB0EDInvZugxLqvUMTVk065XdT7bBDTyPnnCXYZJmBNojWX57d4xHrZb/04AwakeAndAlive.mp3?tsid=20120612-141516-4f878dd3&loop=1&autoplay=1&volume=125" name="FlashVars"/></object> <meta name="keywords" content="Hacked By : Version 2" /> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <script language="JavaScript"> <!-- function openW (URL,TARGET,OPT) { window.onerror=null; window.open(URL,TARGET,OPT); } //--> </script></head><body leftmargin="0" topmargin="40" alink="#ffffff" bgcolor="#000000" link="#ffffff" text="#ffffff" vlink="#ffffff"> ...[2894 bytes skipped]... | ||
http://redrebana.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: redrebana.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 10 Aug 2014 01:08:23 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: redrebana.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 10 Aug 2014 01:08:23 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: redrebana.com
Referer: http://www.google.com/search?q=redrebana.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: redrebana.com
Referer: http://www.google.com/search?q=redrebana.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=redrebana.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://redrebana.com/
Result: redrebana.com is not infected or malware details are not published yet.
Result: redrebana.com is not infected or malware details are not published yet.