Scanned pages/files
Request | Server response | Status |
http://wearebrothers.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 07 May 2014 22:43:07 GMT Location: http://www.wearebrothers.org/ Server: nginx/1.5.12 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.wearebrothers.org/xmlrpc.php X-Powered-By: PHP/5.4.27-1+deb.sury.org~precise+1 | clean |
http://www.wearebrothers.org/ | 200 OK Content-Length: 1906 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked By SpAcE FiGhTeR <!DOCTYPE HTML PUBLIC><Html><head> <title>HaCked By SpAcE FiGhTeR</title><link rel=
<embed src=""application/x-shockwave-flash" wmode="transparent" width="1" height="1"></embed> <embed flashvars="song_id=240407&autoplay=1" height="0" src="" width="0"></embed> <html><head> <link REL="SHORTCUT ICON" HREF=> </head><body bgcolor="#000000" text="green"> <center><font color="cyan" size="6"> ...[1941 bytes skipped]... | ||
http://www.wearebrothers.org/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: wearebrothers.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 07 May 2014 22:43:07 GMT
Location: http://www.wearebrothers.org/
Server: nginx/1.5.12
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.wearebrothers.org/xmlrpc.php
X-Powered-By: PHP/5.4.27-1+deb.sury.org~precise+1
GET / HTTP/1.1
Host: wearebrothers.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 07 May 2014 22:43:07 GMT
Location: http://www.wearebrothers.org/
Server: nginx/1.5.12
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.wearebrothers.org/xmlrpc.php
X-Powered-By: PHP/5.4.27-1+deb.sury.org~precise+1
Second query (visit from search engine):
GET / HTTP/1.1
Host: wearebrothers.org
Referer: http://www.google.com/search?q=wearebrothers.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: wearebrothers.org
Referer: http://www.google.com/search?q=wearebrothers.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=wearebrothers.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wearebrothers.org/
Result: wearebrothers.org is not infected or malware details are not published yet.
Result: wearebrothers.org is not infected or malware details are not published yet.