Scanned pages/files
Request | Server response | Status |
http://atmajayatrans.com/ | 200 OK Content-Length: 8752 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ph@ntom~l@dy7 <html>
<head> <title>./Mr.ApaPedulimu</title> <link rel="SHORTCUT ICON" href="https://scontent-b-sin.xx.fbcdn.net/hphotos-xpa1/v/t1.0-9/10603277_598107666966394_8859334398298980968_n.jpg?oh=c3e4add94b922afb202877a74a7e7644&oe=549342F0"> <meta content='Hacked By ph@ntom~l@dy7' name='description'/> <meta content='Hacked By ph@ntom~l@dy7' name='keywords'/> <meta content='Hacked By ph@ntom~l@dy7' name='Abstract'/> </head> <script language="JavaScript1.2"> //change 1 to another integer to alter the scroll speed. Greater is faster var speed=2 var currentpos=0,alt=1,curpos1=0,curpos2=-1 function ...[9301 bytes skipped]... | ||
http://www.clocklink.com/embed.js | 200 OK Content-Length: 2949 Content-Type: text/javascript | clean |
http://atmajayatrans.com/test404page.js | 200 OK Content-Length: 8752 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: atmajayatrans.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 19:24:52 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/10.10
Content-Type: text/html
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: atmajayatrans.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 10 Oct 2014 19:24:52 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_qos/10.10
Content-Type: text/html
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: atmajayatrans.com
Referer: http://www.google.com/search?q=atmajayatrans.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: atmajayatrans.com
Referer: http://www.google.com/search?q=atmajayatrans.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=atmajayatrans.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://atmajayatrans.com/
Result: atmajayatrans.com is not infected or malware details are not published yet.
Result: atmajayatrans.com is not infected or malware details are not published yet.