Scanned pages/files
Request | Server response | Status |
http://saadullahaleem.com/ | 200 OK Content-Length: 10024 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/pftkk22cbag?rel=0&autoplay=1&loop=1&playlist=eikpmibddpw <iframe width="1" height="1" src="http://www.youtube.com/embed/pftkk22cbag?rel=0&autoplay=1&loop=1&playlist=eikpmibddpw" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: Hacked By MhTsHack <!DOCTYPE html> <html lang="tr"> <head> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <!-- PAGE TITLE --> <title>Hacked By MhTsHack</title> <!-- GOOGLE FONTS --> <link href='http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800' rel='stylesheet' type='text/css'> <!-- STYLESHEETS --> <link href="http://ayt-wgt.hostingsiteforfree.com/assets/css/bootstrap.min.css" rel="stylesheet" type="text/cs ...[11496 bytes skipped]... | ||
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery-1.11.1.min.js | 200 OK Content-Length: 95788 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/bootstrap.min.js | 200 OK Content-Length: 34653 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.cycle.min.js | 200 OK Content-Length: 24150 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.parallax.min.js | 200 OK Content-Length: 9449 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.backstretch.min.js | 200 OK Content-Length: 4238 Content-Type: application/javascript | clean |
http://argonet.org/wp-content/uploads/2015/05/turk4.js | 200 OK Content-Length: 36552 Content-Type: application/javascript | clean |
http://saadullahaleem.com/test404page.js | 200 OK Content-Length: 10024 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/pftkk22cbag?rel=0&autoplay=1&loop=1&playlist=eikpmibddpw <iframe width="1" height="1" src="http://www.youtube.com/embed/pftkk22cbag?rel=0&autoplay=1&loop=1&playlist=eikpmibddpw" frameborder="0" allowfullscreen> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: saadullahaleem.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 May 2015 21:20:02 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.21
GET / HTTP/1.1
Host: saadullahaleem.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 29 May 2015 21:20:02 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.21
Second query (visit from search engine):
GET / HTTP/1.1
Host: saadullahaleem.com
Referer: http://www.google.com/search?q=saadullahaleem.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: saadullahaleem.com
Referer: http://www.google.com/search?q=saadullahaleem.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=saadullahaleem.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://saadullahaleem.com/
Result: saadullahaleem.com is not infected or malware details are not published yet.
Result: saadullahaleem.com is not infected or malware details are not published yet.