Scanned pages/files
Request | Server response | Status |
http://interm.ge/ | 200 OK Content-Length: 46382 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Alosh ...[137 bytes skipped]... IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]--> <!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]--> <head> <meta charset="UTF-7"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title>Hacked by Alosh</title> <meta name="description" content=""> <meta name="viewport" content="width=1100"> <link rel="shortcut icon" href="<title>Hacked By Alosh</title><html><head>/title><a href="https://www.facebook.com/alaw33333112ee1" target="_blank"> <img src=" http://www.wata.cc/up/2015/04/images/w-4b09ddaa79.png" alt="" style="position:fixed;top:200px;right:10px; border: #000" height=" ...[57474 bytes skipped]... | ||
http://www.google.com/recaptcha/api/challenge?k=6LfFNvcSAAAAAF0TQ_dzvy3EYwPsT8kphyoZfX1B&hl=en | 200 OK Content-Length: 9147 Content-Type: text/javascript | clean |
http://interm.ge/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/test404page.js | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/ge/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 Oct 2015 10:17:27 GMT Pragma: no-cache Location: http://interm.ge/ Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=1c8a3574242d4329458fb78c43c37abb; path=/ Set-Cookie: qtrans_front_language=ge; expires=Tue, 11-Oct-2016 10:17:27 GMT; path=/ X-Powered-By: PHP/5.4.42 | clean |
http://interm.ge/en/ | 200 OK Content-Length: 44778 Content-Type: text/html | clean |
http://interm.ge/en | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 Oct 2015 10:17:29 GMT Pragma: no-cache Location: http://interm.ge/en/ Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-7 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=4edf2eb51be63552ab960e8a6bd25d05; path=/ Set-Cookie: qtrans_front_language=en; expires=Tue, 11-Oct-2016 10:17:29 GMT; path=/ X-Powered-By: PHP/5.4.42 | clean |
http://interm.ge/en/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/en/about-us/ | 200 OK Content-Length: 35434 Content-Type: text/html | clean |
http://interm.ge/en/about-us/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/ge/about-us/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 Oct 2015 10:17:31 GMT Pragma: no-cache Location: http://interm.ge/about-us/ Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=5f8e28f1a926ef98c9ff23269daee64c; path=/ Set-Cookie: qtrans_front_language=ge; expires=Tue, 11-Oct-2016 10:17:31 GMT; path=/ X-Powered-By: PHP/5.4.42 | clean |
http://interm.ge/about-us/ | 200 OK Content-Length: 37538 Content-Type: text/html | clean |
http://interm.ge/about-us/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/print-services/ | 200 OK Content-Length: 37880 Content-Type: text/html | clean |
http://interm.ge/print-services/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/ge/print-services/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 12 Oct 2015 10:17:33 GMT Pragma: no-cache Location: http://interm.ge/print-services/ Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=ecb84d3d444e807cd2b417cf73636d72; path=/ Set-Cookie: qtrans_front_language=ge; expires=Tue, 11-Oct-2016 10:17:33 GMT; path=/ X-Powered-By: PHP/5.4.42 | clean |
http://interm.ge/en/print-services/ | 200 OK Content-Length: 35792 Content-Type: text/html | clean |
http://interm.ge/en/print-services/tel:(+995) 790 790 007 | 404 Not Found Content-Length: 56 Content-Type: text/html | clean |
http://interm.ge/en/print-services/indoor-outdoor-printers/ | 200 OK Content-Length: 36574 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: interm.ge
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 12 Oct 2015 10:17:25 GMT
Pragma: no-cache
Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=17f4dcd514787327d20b237832b13e33; path=/
Set-Cookie: qtrans_front_language=ge; expires=Tue, 11-Oct-2016 10:17:25 GMT; path=/
X-Powered-By: PHP/5.4.42
Second query (visit from search engine):
GET / HTTP/1.1
Host: interm.ge
Referer: http://www.google.com/search?q=interm.ge
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=interm.ge
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://interm.ge/
Result: interm.ge is not infected or malware details are not published yet.