Scanned pages/files
Request | Server response | Status |
http://be-tlv.co.il/ | 200 OK Content-Length: 2171 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: [ Hacked By X-BLack ] ...[374 bytes skipped]... <center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center><center> <title>[ Hacked By X-BLack ]</title> <p><img src="https://scontent-a-cdg.xx.fbcdn.net/hphotos-xaf1/t1.0-9/10365860_1425641307701100_4040182359419331338_n.jpg"></p><p></p> <p align="center"> <b><font size="7" face="Courier New">Ŧυ¢kë๔ ßŶ א-Bℓα¢k</font></b> </p><p align="center"></p><h1 class="Blue"> ...[1886 bytes skipped]... | ||
http://be-tlv.co.il//www.blogger.com/static/v1/common/js/3472483503-csitail.js/ | 404 Not Found Content-Length: 256 Content-Type: text/html | clean |
http://be-tlv.co.il/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: be-tlv.co.il
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 20 Oct 2014 19:27:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: 720planBAK=R3744886473; path=/; expires=Mon, 20-Oct-2014 20:25:31 GMT
Set-Cookie: 720planD=R2965169601; path=/; Max-Age=900
X-Powered-By: PHP/5.6.0
GET / HTTP/1.1
Host: be-tlv.co.il
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 20 Oct 2014 19:27:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: 720planBAK=R3744886473; path=/; expires=Mon, 20-Oct-2014 20:25:31 GMT
Set-Cookie: 720planD=R2965169601; path=/; Max-Age=900
X-Powered-By: PHP/5.6.0
Second query (visit from search engine):
GET / HTTP/1.1
Host: be-tlv.co.il
Referer: http://www.google.com/search?q=be-tlv.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: be-tlv.co.il
Referer: http://www.google.com/search?q=be-tlv.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=be-tlv.co.il
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://be-tlv.co.il/
Result: be-tlv.co.il is not infected or malware details are not published yet.
Result: be-tlv.co.il is not infected or malware details are not published yet.