Scanned pages/files
Request | Server response | Status |
http://atl-1.com/ | 200 OK Content-Length: 17238 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: center+ADsAPQAiACIAPgA8-font size+AD0AIg-5+ACIAPg-Hacked By Akram Stelle+ADw-/font+AD4APA-/h1+AD4 ...[2204 bytes skipped]... Fuck Israel +ACY FreeDom For palestine+ADw-/h1+AD4 +ADw-div id+AD0AIg-tool+ACIAPgA8-p align+AD0AIg-center+ACIAPgA8-img height+AD0AIg-400+ACI width+AD0AIg-422+ACI border+AD0AIg-0+ACI src+AD0AIg-http://im43.gulfup.com/vUvokq.jpg+ACIAPgA8-/p+AD4APA-p+AD4APA-/p+AD4 +ADw-h1 style+AD0AIg-color: +ACM-444444+ADs text-shadow: 0px 0px 1px +ACM-000000+ACI +ADs-text-align:+AD0AIgAi center+ADsAPQAiACIAPgA8-font size+AD0AIg-5+ACIAPg-Hacked By Akram Stelle+ADw-/font+AD4APA-/h1+AD4 +ADw-h1 style+AD0AIg-color: +ACM-12544+ADs text-shadow: 0px 0px 1px +ACM-000000+ACI +ADs-text-align:+AD0AIgAi center+ADsAPQAiACIAPgA8-font size+AD0AIg-5+ACIAPg-I Know You Have Security Here+ADw-/font+AD4APA-/h1+AD4 +ADw-h1 style+AD0AIg-color: +ACM-444444+ADs text-shadow: 0px 0px 1px +ACM-000000+ACI +ADs-text-align:+AD0AIgAi center+ADsAPQAiACIAPgA8-font size+AD0AIg-5+ACIAPg-But it’s fucked By Me +ACEAIQ haha+ADw-/f ...[16442 bytes skipped]... | ||
http://atl-1.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://atl-1.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js | 200 OK Content-Length: 85260 Content-Type: text/javascript | clean |
http://atl-1.com/wp-content/themes/atl/js/fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
http://atl-1.com/wp-content/themes/atl/js/common.js | 200 OK Content-Length: 294 Content-Type: application/javascript | clean |
http://atl-1.com/kontakty/ | 200 OK Content-Length: 13393 Content-Type: text/html | clean |
http://atl-1.com/karta-sajta/ | 200 OK Content-Length: 14728 Content-Type: text/html | clean |
http://atl-1.com/o-kompanii/ | 200 OK Content-Length: 17098 Content-Type: text/html | clean |
http://atl-1.com/o-kompanii/obzor-kompanii/ | 200 OK Content-Length: 17315 Content-Type: text/html | clean |
http://atl-1.com/o-kompanii/vakansii/ | 200 OK Content-Length: 12230 Content-Type: text/html | clean |
http://atl-1.com/uslugi/ | 200 OK Content-Length: 13721 Content-Type: text/html | clean |
http://atl-1.com/uslugi/morskie-perevozki/ | 200 OK Content-Length: 15245 Content-Type: text/html | clean |
http://atl-1.com/uslugi/zheleznodorozhnye-perevozki/ | 200 OK Content-Length: 15521 Content-Type: text/html | clean |
http://atl-1.com/uslugi/avtomobilnye-gruzoperevozki/ | 200 OK Content-Length: 15123 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: atl-1.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 Aug 2014 16:06:21 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 mod_fcgid/2.3.6
Content-Type: text/html; charset=UTF-7
Link: <http://atl-1.com/?p=7>; rel=shortlink
X-Powered-By: PHP/5.3.13
Second query (visit from search engine):
GET / HTTP/1.1
Host: atl-1.com
Referer: http://www.google.com/search?q=atl-1.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=atl-1.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://atl-1.com/
Result: atl-1.com is not infected or malware details are not published yet.