Scanned pages/files
Request | Server response | Status |
http://ch4tl4k.wordpress.com/ | 200 OK Content-Length: 44093 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By ChatLak ...[15099 bytes skipped]... rized</a></p> </div> <div class="bot"> </div> </div><!-- .meta --> <p class="tags">Etiketler: <a href="http://ch4tl4k.wordpress.com/tag/chatlak/" rel="tag">ChatLak</a>, <a href="http://ch4tl4k.wordpress.com/tag/fiat/" rel="tag">Fiat</a>, <a href="http://ch4tl4k.wordpress.com/tag/hacked-by-chatlak/" rel="tag">Hacked By ChatLak</a>, <a href="http://ch4tl4k.wordpress.com/tag/hyundai/" rel="tag">Hyundai:</a>, <a href="http://ch4tl4k.wordpress.com/tag/x-04-crew/" rel="tag">x-04 crew</a></p> </div> <div class="post-30 post type-post status-publish format-standard hentry category-uncategorized tag-chatlak tag-hack tag-imhatimi"> <h2 class="post-title"> <a href="http://ch4tl4k.wordpress.com/2013/05/21/imhatimi-hackin ...[35593 bytes skipped]... | ||
http://s0.wp.com/_static/??-eJyFkNsOwiAMQH9IxrZo4ovxW3bpSBEoUhjRrxeTGTXO7KlNe9LTVmYvBnIRXJSapaUeDYjEEDpVagLdRJXmnSwcusGkEfgJ6muCcFvCJiAsqtBFqCy6F/xh9cTRAnNRrnS/VehmhLyJaYi+Gy4iAOP9Z2pvSAlvkkLHsuQKRkpRTGQMZZlxVBDXjmL/3v//NxbqbE/Nvq4Px6atW/0AiPqGzQ== | 200 OK Content-Length: 169863 Content-Type: application/x-javascript | clean |
http://ch4tl4k.wordpress.com//0.gravatar.com/js/gprofiles.js?ver=201444x/ | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://ch4tl4k.wordpress.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://s2.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781g | 200 OK Content-Length: 582 Content-Type: application/x-javascript | clean |
http://s0.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1414003384j | 200 OK Content-Length: 41541 Content-Type: application/x-javascript | clean |
http://s2.wp.com/_static/??-eJyNjtEOgjAMRX/IOYmE6IPxW7AU6RzrXDeQvxdJRowPxLfb9p6T6tErYBfRRW1ENzgQoH/tjez016lPytt0JyeaXEuO4rSGja50HCJwg/KRm2fCMO1hAot/Q2JpTh2Pat1nlhzYlGtjyzeDEH/F2TrMGta1CMYFWGYfUGTjFagDJ0GrDUZfw0Plxcxc+0tRFsfyVFWHs3kDS9R7YQ== | 200 OK Content-Length: 184182 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js?ver=20111117 | 200 OK Content-Length: 108407 Content-Type: application/javascript | clean |
http://s0.wp.com/_static/??-eJyVy7EOQEAMANAfUnViYBDfgmsupepyivh7VpMY3/DwjDCuaqSGyw5R9sC6oZ1sRgkG6cd54OQhMqHSQYnUs4Z82jL8c+P3YyEPoRehdL31rG5pXVXUTVO70k03DU5D1g== | 200 OK Content-Length: 6951 Content-Type: application/x-javascript | clean |
http://s.skimresources.com/js/725X1342.skimlinks.js | 200 OK Content-Length: 66762 Content-Type: application/javascript | clean |
http://ch4tl4k.wordpress.com//stats.wp.com/w.js?23/ | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ch4tl4k.wordpress.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=300, must-revalidate
Connection: close
Date: Sat, 01 Nov 2014 10:11:36 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Cookie
Content-Type: text/html; charset=UTF-8
Last-Modified: Sat, 01 Nov 2014 10:11:36 GMT
Link: <http://wp.me/3ju1w>; rel=shortlink
X-Ac: 1.lon _sat
X-Hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
X-Nananana: Batcache
X-Pingback: http://ch4tl4k.wordpress.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: ch4tl4k.wordpress.com
Referer: http://www.google.com/search?q=ch4tl4k.wordpress.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ch4tl4k.wordpress.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ch4tl4k.wordpress.com/
Result: ch4tl4k.wordpress.com is not infected or malware details are not published yet.