Scanned pages/files
Request | Server response | Status |
http://www.egipt-egipt.pl/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 17 Feb 2015 07:45:46 GMT Location: http://egipt-egipt.pl/ Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-7 X-Pingback: http://egipt-egipt.pl/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://egipt-egipt.pl/ | 200 OK Content-Length: 14283 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 ...[176 bytes skipped]... en" lang="en"> <head><script src="http://www.traveligo.pl/scripts/belka.js?id=410" charset="ISO-8859-2" language="javascript"></script> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="distribution" content="global" /> <title> +ADw-/title+AD4APA-html+AD4 +ADw-meta charset+AD0AIg-UTF-8+ACIAPg +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 +ADw-body bgcolor+AD0AIg-black+ACI oncontextmenu+AD0AIg-return false+ACI onselectstart+AD0AIg-return false+ACI ondragstart+AD0AIg-return false+ACIAPg +ADw-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Share+ACs-Tech+ACs-Mono+ACI rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACIAPg +ADw-center+AD4 +ADw-br+AD4APA-br+AD4 +ADw-img src+AD0AIg-http://i.hizliresim.com/7mQ7gv.jpg+ACI style+AD0AIg-opacity:0.4+ADs-filter:alp ...[14508 bytes skipped]... | ||
http://www.traveligo.pl/scripts/belka.js?id=410 | 200 OK Content-Length: 12577 Content-Type: text/javascript | clean |
http://egipt-egipt.pl/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://egipt-egipt.pl/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/javascript | clean |
http://latolastminute.pl/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.47 | 500 Can't connect to latolastminute.pl:80 Content-Length: 192 Content-Type: text/plain | clean |
http://latolastminute.pl/test404page.js | 500 Can't connect to latolastminute.pl:80 Content-Length: 192 Content-Type: text/plain | clean |
http://latolastminute.pl/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.1 | 500 Can't connect to latolastminute.pl:80 Content-Length: 192 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: egipt-egipt.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 Feb 2015 07:45:47 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://egipt-egipt.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: egipt-egipt.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 Feb 2015 07:45:47 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://egipt-egipt.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: egipt-egipt.pl
Referer: http://www.google.com/search?q=egipt-egipt.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: egipt-egipt.pl
Referer: http://www.google.com/search?q=egipt-egipt.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=egipt-egipt.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://egipt-egipt.pl/
Result: egipt-egipt.pl is not infected or malware details are not published yet.
Result: egipt-egipt.pl is not infected or malware details are not published yet.