Scanned pages/files
Request | Server response | Status |
http://reorockstar.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 05 Apr 2014 08:02:20 GMT Location: http://reorockstar.com/nov Server: Apache/2.2 Content-Length: 303 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: X-Mapping-miokmfji=9E6B696C6C3C8E02A359F9DC27F64077; path=/ | clean |
http://reorockstar.com/nov | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 05 Apr 2014 08:02:20 GMT Location: http://reorockstar.com/nov/ Server: Apache/2.2 Content-Length: 304 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: X-Mapping-miokmfji=ABC574C419F1EF5CC464DBF973415C2A; path=/ | clean |
http://reorockstar.com/nov/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 05 Apr 2014 08:02:21 GMT Location: http://reorockstar.com/nov/sq1.php Server: Apache/2.2 Content-Length: 311 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: X-Mapping-miokmfji=05EA83DAD6829FFAD4BA866BFAF557DA; path=/ | clean |
http://reorockstar.com/nov/sq1.php | HTTP/1.1 302 Found Connection: close Date: Sat, 05 Apr 2014 08:02:21 GMT Location: http://reorockstar.com/nov/sq1.php?tsa=0& Server: Apache/2.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: X-Mapping-miokmfji=9B9A2C17C77F0C53802CCBDA1B7283FB; path=/ | clean |
http://reorockstar.com/nov/sq1.php?tsa=0& | 200 OK Content-Length: 27125 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: realfreedominc.com ...[6630 bytes skipped]... ng)."); } } } ); } else { jQuery(".loading").css("display", "none"); jQuery(".submit-button").css("display", "block"); alert("You have already reached the maximum number of submissions from your IP address. If you believe this is in error, please contact us at support@realfreedominc.com."); } }, "text" ); } else { jQuery(".loading").css("display", "none"); jQuery(".submit-button").css("display", "block"); alert("Please enter a valid email address (check spelling)."); } } </script> <div id="pagewrapper"> <div id="maintopbar"></div> <div id="wrapper"> < ...[24684 bytes skipped]... | ||
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.js | 200 OK Content-Length: 268381 Content-Type: text/javascript | clean |
http://reorockstar.com/REOrockstarsqueezepage.php_files/ExPop-js.php | 404 Not Found Content-Length: 439 Content-Type: text/html | clean |
http://reorockstar.com/test404page.js | 404 Not Found Content-Length: 408 Content-Type: text/html | clean |
http://reorockstar.com/player/swfobject.js | 200 OK Content-Length: 6880 Content-Type: application/x-javascript | clean |
http://realfreedomincaffiliates.com/scripts/trackjs.js | 200 OK Content-Length: 22508 Content-Type: application/x-javascript | clean |
http://reorockstar.com/exitsplash.js | 404 Not Found Content-Length: 407 Content-Type: text/html | clean |
http://reorockstar.com//static.getclicky.com/js/ | 404 Not Found Content-Length: 418 Content-Type: text/html | clean |
http://www.adreadytractions.com/rt/351881?p=30471 | 200 OK Content-Length: 1456 Content-Type: text/javascript | clean |
http://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 9125 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: reorockstar.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 05 Apr 2014 08:02:20 GMT
Location: http://reorockstar.com/nov
Server: Apache/2.2
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: X-Mapping-miokmfji=9E6B696C6C3C8E02A359F9DC27F64077; path=/
...303 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: reorockstar.com
Referer: http://www.google.com/search?q=reorockstar.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=reorockstar.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://reorockstar.com/
Result: reorockstar.com is not infected or malware details are not published yet.