Scanned pages/files
Request | Server response | Status |
http://www.delfin.org.ua/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 21 Dec 2015 02:37:42 GMT Location: http://delfin.org.ua/ Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-7 X-Content-Type-Options: nosniff X-Pingback: http://delfin.org.ua/xmlrpc.php X-XSS-Protection: 1; mode=block | clean |
http://delfin.org.ua/ | 200 OK Content-Length: 54309 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-font face+AD0AIg-trebuchet ms+ACIAPg Hacked By+ADw-font color+AD0AIg-red+ACIAPg Ayar +ADw-/font ...[4037 bytes skipped]... ://byayarhacked.files.wordpress.com/2015/08/18-mart-canakkale-zaferi-siirleri-ve-tum-ayrintilari-tikla-ogren-640x360.jpg+ACI border+AD0-0+AD4APA-/p+AD4 +ADw-p align+AD0-center style+AD0'text-align:center'+AD4APA-b+AD4APA-span style+AD0'color:red'+AD4APA-/span+AD4APA-/b+AD4APA-span +ADw-br+AD4 +ADw-font face+AD0AIg-trebuchet ms+ACIAPg Hacked By+ADw-font color+AD0AIg-red+ACIAPg Ayar +ADw-/font+AD4APA-/font+AD4 +ADw-br+AD4 +ADw-font face+AD0AIg-trebuchet ms+ACIAPg +ADw-font color+AD0AIg-red+ACIAPg-Ne Mutlu Turkum DiyeNe.+ACEAPA-/font+AD4APA-/font+AD4 +ADw-br+AD4APA-br+AD4APA-font face+AD0AIg-trebuchet ms+ACIAPgA8-font color+AD0AIg-red+ACIAPg-Tim +ADs +ADw-/font+AD4-H4CK4L +AH4 Ayar +AH4 H4SEC +AH4 Mr.F92 +AH4 KingSkrupellos +AH4 Archavin +AH4 D3NG3 +AH4 1ht1y+AEA-r + ...[57633 bytes skipped]... | ||
http://delfin.org.ua/wp-includes/js/comment-reply.min.js?ver=3.6.1 | 200 OK Content-Length: 786 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-content/plugins/flash-album-gallery/admin/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 11754 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-content/plugins/flash-album-gallery/admin/js/swfaddress.js?ver=2.4 | 200 OK Content-Length: 15916 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.40.0-2013.08.13 | 200 OK Content-Length: 14625 Content-Type: application/x-javascript | clean |
http://delfin.org.ua/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.2 | 200 OK Content-Length: 8326 Content-Type: application/x-javascript | clean |
http://www.delfin.org.ua/articles/64/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 21 Dec 2015 02:37:44 GMT Location: http://delfin.org.ua/articles/64/ Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-7 X-Content-Type-Options: nosniff X-Pingback: http://delfin.org.ua/xmlrpc.php X-XSS-Protection: 1; mode=block | clean |
http://delfin.org.ua/articles/64/ | 200 OK Content-Length: 43033 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/ | 200 OK Content-Length: 43656 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/kiev/ | 200 OK Content-Length: 42707 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/kiev_nemo/ | 200 OK Content-Length: 42603 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/odessa/ | 200 OK Content-Length: 42799 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/crimea_alushta/ | 200 OK Content-Length: 42743 Content-Type: text/html | clean |
http://delfin.org.ua/dolphinariums/sevastopol_oceonarium/ | 200 OK Content-Length: 42930 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: delfin.org.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 21 Dec 2015 02:37:43 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Content-Type-Options: nosniff
X-Pingback: http://delfin.org.ua/xmlrpc.php
X-XSS-Protection: 1; mode=block
GET / HTTP/1.1
Host: delfin.org.ua
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 21 Dec 2015 02:37:43 GMT
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Content-Type-Options: nosniff
X-Pingback: http://delfin.org.ua/xmlrpc.php
X-XSS-Protection: 1; mode=block
Second query (visit from search engine):
GET / HTTP/1.1
Host: delfin.org.ua
Referer: http://www.google.com/search?q=delfin.org.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: delfin.org.ua
Referer: http://www.google.com/search?q=delfin.org.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=delfin.org.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://delfin.org.ua/
Result: delfin.org.ua is not infected or malware details are not published yet.
Result: delfin.org.ua is not infected or malware details are not published yet.