Scanned pages/files
| Request | Server response | Status |
http://riffster.net/ | 200 OK Content-Length: 747 Content-Type: text/html | clean |
http://riffster.net/.%23php.ini.1.6 | 200 OK Content-Length: 24066 Content-Type: text/plain | clean |
http://riffster.net/test404page.js | 404 Not Found Content-Length: 91 Content-Type: text/html | clean |
http://riffster.net/400.shtml | 200 OK Content-Length: 130 Content-Type: text/html | clean |
http://riffster.net/401.shtml | 200 OK Content-Length: 162 Content-Type: text/html | clean |
http://riffster.net/403.shtml | 200 OK Content-Length: 180 Content-Type: text/html | clean |
http://riffster.net/404.shtml | 200 OK Content-Length: 91 Content-Type: text/html | clean |
http://riffster.net/500.inc.php-rename | 200 OK Content-Length: 501 Content-Type: text/plain | clean |
http://riffster.net/500.php | 200 OK Content-Length: 304 Content-Type: text/html | clean |
http://riffster.net/500.shtml | 200 OK Content-Length: 94 Content-Type: text/html | clean |
http://riffster.net/cgi-bin/ | 403 Forbidden Content-Length: 179 Content-Type: text/html | clean |
http://riffster.net/favicon.ico | 200 OK Content-Length: 822 Content-Type: image/x-icon | clean |
http://riffster.net/ftp/ | 200 OK Content-Length: 210 Content-Type: text/html | clean |
http://riffster.net/index-1.html | 200 OK Content-Length: 505 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By HolaKo <html>
<head><title>Hacked By HolaKo</title></head> <body style="color:white" bgcolor=black><center> <h1>Hacked By HolaKo</h1> <h2>I'm the best of the rest ;)</h2> <h2><font color="green">FREE</font> <font color="red">PALESTINE</font> !</h2> <h3>@2014 Palestine Attacker.</h3> <object data="http://static.4shared.com/flash/player/5.10/player.swf?file=http://www.youtube.com/v/9v7rrtmByBY&repeat=no&autostart=true" width="0" height="0" type="application/x-shockwave-flash"></object> </body> </html> | ||
http://riffster.net/test/ | 200 OK Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: riffster.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 11 Jul 2015 04:15:03 GMT
Server: Apache
Content-Length: 747
Content-Type: text/html;charset=ISO-8859-1
...747 bytes of data.
GET / HTTP/1.1
Host: riffster.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 11 Jul 2015 04:15:03 GMT
Server: Apache
Content-Length: 747
Content-Type: text/html;charset=ISO-8859-1
...747 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: riffster.net
Referer: http://www.google.com/search?q=riffster.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: riffster.net
Referer: http://www.google.com/search?q=riffster.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=riffster.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://riffster.net/
Result: riffster.net is not infected or malware details are not published yet.
Result: riffster.net is not infected or malware details are not published yet.