Scanned pages/files
Request | Server response | Status |
http://vribl.com/ | 200 OK Content-Length: 3709 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Dr.Pc 
<!-- saved from url=(0026)http://opalo.tv/index2.php --> <html lang='en'><head> <style> body {cursor:cross; background: #000000 url(https://lh6.googleusercontent.com/-uRLX3SeDrdI/TjBpUFR5oeI/AAAAAAAAAIo/GYSnWQxGWMc/cok.gif) scroll repeat center center; </style> <meta http-equiv='Content-Type' content='text/html; charset=UTF-8'> <meta charset='utf-8'> <title>Hacked by Dr.Pc</title> <div class='style10'> <font face='Orbitron' size='7' color='white' class='auto-style2'><strong> Hacked by </strong> <span class='style7'><strong>D</strong></span><span class='style9'><strong>r</strong></span>.<span class='style8'><strong>P</strong></span><span class='style9'& ...[3856 bytes skipped]... | ||
http://vribl.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vribl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 24 Sep 2014 01:41:30 GMT
Server: nginx/1.6.2
Content-Type: text/html
GET / HTTP/1.1
Host: vribl.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 24 Sep 2014 01:41:30 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: vribl.com
Referer: http://www.google.com/search?q=vribl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vribl.com
Referer: http://www.google.com/search?q=vribl.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vribl.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vribl.com/
Result: vribl.com is not infected or malware details are not published yet.
Result: vribl.com is not infected or malware details are not published yet.