Scanned pages/files
| Request | Server response | Status |
http://regiga.com/ | 200 OK Content-Length: 59357 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21412 Content-Type: text/javascript | clean |
http://regiga.com/index.php | 200 OK Content-Length: 59357 Content-Type: text/html | clean |
http://regiga.com/login.php | 200 OK Content-Length: 45687 Content-Type: text/html | clean |
http://regiga.com/index.php?go=register | 200 OK Content-Length: 46574 Content-Type: text/html | clean |
http://regiga.com/howItWorks.php | 200 OK Content-Length: 44998 Content-Type: text/html | clean |
http://regiga.com/About-FreeListing.php | 200 OK Content-Length: 43639 Content-Type: text/html | clean |
http://regiga.com/Buy-Real-Estate.php | 200 OK Content-Length: 60560 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by htlr al-jnoop hackers ...[50487 bytes skipped]... <tr> <td align="right" class="colText"><div align="left">Property Style: </div></td> <td class="rowText"><select name="style" id="style"> <option value="" selected>- All Styles - </option> <option value="39">ÇáæÇÍÏ íÏæÑ æíÈÍÈÔ æãÇíáÞì Ôí</option><option value="38">hacked by htlr al-jnoop hackers</option> </select> </td> </tr> <tr> <td align="right" class="colText"><div align="left">Minimum Price: </div></td> <td class="rowText"><select name="pfrom" id="pfrom"> <option value="-1">$ 0.00</option> <option value="25000">$ 25,000.00</o ...[25102 bytes skipped]... | ||
http://regiga.com/Real-Estate-Listings.php | 200 OK Content-Length: 43215 Content-Type: text/html | clean |
http://regiga.com/freelisting-real-estate-Links.php | 200 OK Content-Length: 120923 Content-Type: text/html | clean |
http://regiga.com/buy-real-estate-advanced.php | 200 OK Content-Length: 60528 Content-Type: text/html | clean |
http://regiga.com/properties.php?state=AB | 200 OK Content-Length: 41010 Content-Type: text/html | clean |
http://regiga.com/properties_feed.php?&state=AB | 200 OK Content-Length: 376 Content-Type: text/xml | clean |
http://regiga.com/test404page.js | 404 Not Found Content-Length: 652 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: regiga.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 25 Sep 2014 01:08:18 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=47b2c84c24923ebd4fc62897563a96a2; path=/; domain=.freelisting.biz
X-Powered-By: PHP/4.4.9
X-Powered-By: ASP.NET
GET / HTTP/1.1
Host: regiga.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 25 Sep 2014 01:08:18 GMT
Pragma: no-cache
Server: Microsoft-IIS/6.0
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=47b2c84c24923ebd4fc62897563a96a2; path=/; domain=.freelisting.biz
X-Powered-By: PHP/4.4.9
X-Powered-By: ASP.NET
Second query (visit from search engine):
GET / HTTP/1.1
Host: regiga.com
Referer: http://www.google.com/search?q=regiga.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: regiga.com
Referer: http://www.google.com/search?q=regiga.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=regiga.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://regiga.com/
Result: regiga.com is not infected or malware details are not published yet.
Result: regiga.com is not infected or malware details are not published yet.