Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://relaxan.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: relaxan.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 06 Sep 2014 15:35:01 GMT Location: http://thesitewizards.tk/bord/ Server: Apache Vary: Accept-Encoding Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://relaxan.com/ | 200 OK Content-Length: 6565 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HacKeD By Farouk Zoubir_DZ And Fikou Codex <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head> <!-- saved from url=(0104)http://sechome.dayfor.net/redpoint/Public/Js/kindeditor/attached/file/20130318/20130318030444_21656.html --> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <script type="text/javascript"> var data="abcdefghijklmnopqrstuvwxyz0123456789"; var text="HacKeD By Farouk Zoubir_DZ And Fikou Codex";//Your Text Here var done=1; statusIn(text); function statusIn(text){ var max=4; var delay=100; if (done){ done = 0; decrypt_helper(text, max, delay, 0, max); } } function decrypt_helper(text, runs_left, delay, charvar, max){ if (!done){ runs_left = runs_left - 1; //alert( runs_left); var status = text.substring(0,charvar); for(var curre ...[7318 bytes skipped]... | ||
http://relaxan.com/test404page.js | 404 Not Found Content-Length: 325 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=relaxan.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://relaxan.com/
Result: relaxan.com is not infected or malware details are not published yet.
Result: relaxan.com is not infected or malware details are not published yet.