Scanned pages/files
Request | Server response | Status |
http://ntatd.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 01 Oct 2014 17:23:36 GMT Location: http://www.ntatd.org/ Server: Apache/2.2.3 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://keenxpo.com/wp/xmlrpc.php X-Powered-By: PHP/5.2.10 | clean |
http://www.ntatd.org/ | 200 OK Content-Length: 16924 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By YunusIncredibl <!doctype html> <!-- Start of page HTML5 enabled -->
<head> <!-- Start of head --> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> <title> Hacked By YunusIncredibl</title> <link rel="shortcut icon" href="your upload path" /> <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="http://www.ntatd.org/?feed=rss2" /><!-- Feed --> <link rel="pingback" href="http://keenxpo.com/wp/xmlrpc.php" /> <link rel='stylesheet' id='body-font-css' href='http://fonts.googleapis.com/css?family=PT+Sans&v2& ...[19063 bytes skipped]... | ||
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/jquery.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/test404page.js | 404 Not Found Content-Length: 957 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/jquery.prettyPhoto.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/swfobject.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/jquery-ui.custom.min.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/jquery.quartz.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/themes/vithy/sprites/js/custom.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-admin/js/accordion.min.js?ver=3.9.2 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
http://keenxpo.com/wp/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.1 | 401 Authorization Required Content-Length: 1213 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ntatd.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:23:36 GMT
Location: http://www.ntatd.org/
Server: Apache/2.2.3 (CentOS)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://keenxpo.com/wp/xmlrpc.php
X-Powered-By: PHP/5.2.10
...0 bytes of data.
GET / HTTP/1.1
Host: ntatd.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 01 Oct 2014 17:23:36 GMT
Location: http://www.ntatd.org/
Server: Apache/2.2.3 (CentOS)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://keenxpo.com/wp/xmlrpc.php
X-Powered-By: PHP/5.2.10
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ntatd.org
Referer: http://www.google.com/search?q=ntatd.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ntatd.org
Referer: http://www.google.com/search?q=ntatd.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ntatd.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ntatd.org/
Result: ntatd.org is not infected or malware details are not published yet.
Result: ntatd.org is not infected or malware details are not published yet.