Scanned pages/files
Request | Server response | Status |
http://aegipt.pl/ | 200 OK Content-Length: 16885 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 ...[136 bytes skipped]... w3.org/1999/xhtml" dir="ltr" lang="pl-PL"> <head profile="http://gmpg.org/xfn/11"><script src="http://www.traveligo.pl/scripts/belka.js?id=410" charset="ISO-8859-2" language="javascript"></script> <meta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> <title>+ADw-/title+AD4APA-html+AD4 +ADw-meta charset+AD0AIg-UTF-8+ACIAPg +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 +ADw-body bgcolor+AD0AIg-black+ACI oncontextmenu+AD0AIg-return false+ACI onselectstart+AD0AIg-return false+ACI ondragstart+AD0AIg-return false+ACIAPg +ADw-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Share+ACs-Tech+ACs-Mono+ACI rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACIAPg +ADw-center+AD4 +ADw-br+AD4APA-br+AD4 +ADw-img src+AD0AIg-http://i.hizliresim.com/7mQ7gv.jpg+ACI style+AD0AIg-opacity:0.4+ADs-filter:alp ...[17800 bytes skipped]... | ||
http://www.traveligo.pl/scripts/belka.js?id=410 | 200 OK Content-Length: 12503 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.2.6/jquery.min.js | 200 OK Content-Length: 55740 Content-Type: text/javascript | clean |
http://aegipt.pl/wp-content/themes/ocean-mist-2_0/scripts/oceanmist.js | 200 OK Content-Length: 3250 Content-Type: application/javascript | clean |
http://aegipt.pl/kontakt/ | 200 OK Content-Length: 12137 Content-Type: text/html | clean |
http://aegipt.pl/test404page.js | 404 Not Found Content-Length: 11211 Content-Type: text/html | clean |
http://aegipt.pl/page/2/ | 200 OK Content-Length: 16632 Content-Type: text/html | clean |
http://aegipt.pl/page/3/ | 200 OK Content-Length: 16671 Content-Type: text/html | clean |
http://aegipt.pl/page/4/ | 200 OK Content-Length: 16688 Content-Type: text/html | clean |
http://aegipt.pl/page/5/ | 200 OK Content-Length: 16566 Content-Type: text/html | clean |
http://aegipt.pl/feed/ | 200 OK Content-Length: 23261 Content-Type: text/xml | clean |
http://aegipt.pl/wp-content/uploads/2011/03/365296_berber_old_woman.jpg | 200 OK Content-Length: 15252 Content-Type: image/jpeg | clean |
http://aegipt.pl/wakacje-w-egipcie/ | 200 OK Content-Length: 12245 Content-Type: text/html | clean |
http://aegipt.pl/polozenie-egiptu/ | 200 OK Content-Length: 12285 Content-Type: text/html | clean |
http://aegipt.pl/panstwa-afryki/ | 200 OK Content-Length: 12306 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: aegipt.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Feb 2015 09:33:43 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://aegipt.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: aegipt.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 21 Feb 2015 09:33:43 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://aegipt.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: aegipt.pl
Referer: http://www.google.com/search?q=aegipt.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: aegipt.pl
Referer: http://www.google.com/search?q=aegipt.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=aegipt.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://aegipt.pl/
Result: aegipt.pl is not infected or malware details are not published yet.
Result: aegipt.pl is not infected or malware details are not published yet.