Scanned pages/files
Request | Server response | Status |
http://www.spreadmp3.net/ | 200 OK Content-Length: 547 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://videotoolz20.com/v3/assets/songs/pop/original/skrillex%20%20diplo%20feat.%20g%20dragon%20%20cl-dirty%20vibe%20dirty.mp3?autoplay=1 <iframe width="0" height="0" src="http://videotoolz20.com/v3/assets/songs/pop/original/skrillex%20%20diplo%20feat.%20g%20dragon%20%20cl-dirty%20vibe%20dirty.mp3?autoplay=1" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: Hacked By SYNDICATE007 <!DOCTYPE html> <html> <body> <title>Hacked By SYNDICATE007</title> <center><p>Hacked By SYNDICATE007</p></center> <p>Thanks to :</p><marquee style="font-family:Book Antiqua; color: 000000" bgcolor="#FFFFFF" scrollamount="5">Bandung BlackHat - #DepokCyberSecurity - Code Breaking Forces - GadiZ pwNd yo-U</marquee> <iframe width="0" height="0" src="http://videotoolz20.com/v3/assets/songs/Pop/Original/Skrillex%20%20Diplo%20Feat.%20G%20Dragon%20%20CL-Dirty%20Vibe%20Dirty.mp3?autoplay=1" frameborder="0" allowfullscreen></iframe> </body> </html> | ||
http://www.spreadmp3.net/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Sat, 27 Jun 2015 11:16:18 GMT Server: nginx admin Content-Length: 613 Content-Type: text/html | clean |
http://spreadmp3.info/ | 200 OK Content-Length: 27157 Content-Type: text/html | clean |
http://spreadmp3.info//adserver.adreactor.com/js/libcode1_noajax.js/ | 200 OK Content-Length: 17874 Content-Type: text/html | clean |
http://spreadmp3.info//t.MtagMonetizationA.com/build/ffcf7b/v1/ | 200 OK Content-Length: 17830 Content-Type: text/html | clean |
http://cdn.directrev.com/js/gp.min.js | 200 OK Content-Length: 5240 Content-Type: application/x-javascript | clean |
http://spreadmp3.info//t.MtagMonetizationA.com/build/c6e679/v1/ | 200 OK Content-Length: 17772 Content-Type: text/html | clean |
http://propellerpops.com/apu.php?zoneid=3384 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sat, 27 Jun 2015 11:16:31 GMT Location: http://onclickads.net/apu.php?zoneid=3384 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://onclickads.net/apu.php?zoneid=3384 | 200 OK Content-Length: 13311 Content-Type: application/x-javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js | 200 OK Content-Length: 239564 Content-Type: text/javascript | clean |
http://spreadmp3.info/oc-content/themes/pencarian/all.js | 200 OK Content-Length: 8266 Content-Type: application/javascript | clean |
http://spreadmp3.info/oc-content/themes/pencarian/main.js | 200 OK Content-Length: 11572 Content-Type: application/javascript | clean |
http://t1.extreme-dm.com/f.js | 200 OK Content-Length: 2618 Content-Type: application/javascript | clean |
http://spreadmp3.info/page/chart-music | 200 OK Content-Length: 39129 Content-Type: text/html | clean |
http://spreadmp3.info/page/top-songs | 200 OK Content-Length: 41563 Content-Type: text/html | clean |
http://spreadmp3.info/page/tvshow | 200 OK Content-Length: 36220 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: spreadmp3.net
Result:
GET / HTTP/1.1
Host: spreadmp3.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: spreadmp3.net
Referer: http://www.google.com/search?q=spreadmp3.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: spreadmp3.net
Referer: http://www.google.com/search?q=spreadmp3.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=spreadmp3.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://spreadmp3.net/
Result: spreadmp3.net is not infected or malware details are not published yet.
Result: spreadmp3.net is not infected or malware details are not published yet.