Scanned pages/files
Request | Server response | Status |
http://elato.nl/ | 200 OK Content-Length: 17996 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by FHmawE aTtAcker <html><head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> <title>Hacked by FHmawE aTtAcker </title></head> <body bgcolor="white"><link rel="SHORTCUT ICON" href="http://www.etudiant.ma/images/pays/ma.png"></title> <SCRIPT> var width=document.body.clientWidth; var height=document.body.clientHeight; function doClickText(who,type,step,timeOut) { document.getElementById(who).style.display="none"; ...[20716 bytes skipped]... | ||
http://anonxmaster.tk/Defacement/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://anonxmaster.tk/Defacement/jquery.text-effects.js | 200 OK Content-Length: 3108 Content-Type: application/javascript | clean |
http://stats.hosting24.com/count.php | 200 OK Content-Length: 1251 Content-Type: application/javascript | clean |
http://elato.nl/test404page.js | 404 Not Found Content-Length: 954 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: elato.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 14 Mar 2015 00:49:29 GMT
Server: Apache/2.0.54 (Fedora)
Content-Length: 17996
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...17996 bytes of data.
GET / HTTP/1.1
Host: elato.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 14 Mar 2015 00:49:29 GMT
Server: Apache/2.0.54 (Fedora)
Content-Length: 17996
Content-Type: text/html
X-Powered-By: PHP/5.2.17
...17996 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: elato.nl
Referer: http://www.google.com/search?q=elato.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: elato.nl
Referer: http://www.google.com/search?q=elato.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=elato.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://elato.nl/
Result: elato.nl is not infected or malware details are not published yet.
Result: elato.nl is not infected or malware details are not published yet.