Scanned pages/files
Request | Server response | Status |
http://2als-sa.com/ | 200 OK Content-Length: 12906 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Matrix Dz ...[7261 bytes skipped]... ></div></td> <td width="6"><img src="Images/sep_droite.png" width="6" height="39" /></td> <td width="100" background="Images/sep_vide.png"><div align="center" class="Menu"><a href="spip.php?article0" class="GMenu_Lien"></div> <div id="conteneur-right"> <div id="conteneur"> <p><title> Hacked By Matrix Dz </title> <iframe src="http://djifa.com/images/awt.html" style="border: 0; position: fixed; top:0; left:0; right:0; bottom:0; width:100%; height:100%"></p> </div></a></div></td> <td width="6"><img src="Images/sep_gauche.png" width="6" height="39" /></td> <td width="10"> </td> <td width="6"><img src="Images/sep_droite.png" width="6" height="39" /></td& ...[9365 bytes skipped]... | ||
http://2als-sa.com/spip.php?page=english | 404 Not Found"); ?>Content-Length: 5253 Content-Type: text/html | clean |
http://2als-sa.com/prive/javascript/jquery.js | 200 OK Content-Length: 183184 Content-Type: text/javascript | clean |
http://2als-sa.com/prive/javascript/jquery.form.js | 200 OK Content-Length: 21060 Content-Type: text/javascript | clean |
http://2als-sa.com/prive/javascript/ajaxCallback.js | 200 OK Content-Length: 10815 Content-Type: text/javascript | clean |
http://2als-sa.com/prive/javascript/jquery.cookie.js | 200 OK Content-Length: 4246 Content-Type: text/javascript | clean |
http://2als-sa.com/extensions/porte_plume/javascript/xregexp-min.js | 200 OK Content-Length: 7085 Content-Type: text/javascript | clean |
http://2als-sa.com/extensions/porte_plume/javascript/jquery.markitup_pour_spip.js | 200 OK Content-Length: 22302 Content-Type: text/javascript | clean |
http://2als-sa.com/extensions/porte_plume/javascript/jquery.previsu_spip.js | 200 OK Content-Length: 2598 Content-Type: text/javascript | clean |
http://2als-sa.com/spip.php?page=porte_plume_start.js&lang=fr | 200 OK Content-Length: 12256 Content-Type: text/javascript | clean |
http://2als-sa.com/spip.php?rubrique2 | 200 OK Content-Length: 5965 Content-Type: text/html | clean |
http://2als-sa.com/spip.php?page=porte_plume_start.js&lang=en | 200 OK Content-Length: 11944 Content-Type: text/javascript | clean |
http://2als-sa.com/spip.php?rubrique7 | 200 OK Content-Length: 7443 Content-Type: text/html | clean |
http://2als-sa.com/spip.php?article10 | 200 OK Content-Length: 8483 Content-Type: text/html | clean |
http://2als-sa.com/spip.php?article6 | 200 OK Content-Length: 8710 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 2als-sa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: max-age=2592000
Connection: close
Date: Thu, 30 Jul 2015 09:48:08 GMT
Pragma: no-cache
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Sat, 29 Aug 2015 09:48:08 GMT
Last-Modified: Thu, 30 Jul 2015 09:48:08 GMT
Composed-By: SPIP 2.1.12 @ www.spip.net + images(1.0.1), msie_compat(1.0.0), porte_plume(1.7.8), safehtml(1.3.7), vertebres(1.0.0), compresseur(1.0.1)
Set-Cookie: SERVERID=s05; path=/
X-Backend-Server: clusterweb05.hosteur.com D=780257 t=1438249688658257
X-Powered-By: PHP/5.4.43
X-Spip-Cache: 0
Second query (visit from search engine):
GET / HTTP/1.1
Host: 2als-sa.com
Referer: http://www.google.com/search?q=2als-sa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=2als-sa.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://2als-sa.com/
Result: 2als-sa.com is not infected or malware details are not published yet.