Scanned pages/files
Request | Server response | Status |
http://www.sladur.bg/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 30 May 2015 02:42:56 GMT Location: http://www.sladur.com/ Server: Apache/2.2.22 (Debian) Content-Length: 309 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sladur.com/ | 200 OK Content-Length: 108218 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by HellStorm ...[89151 bytes skipped]... s="pr_fr_table_info" border="0" cellspacing="0" cellpadding="5" width="180"> <tr> <td width="30%"><a href="profile.php?id=153139"><img src="new_img/1/5/3/1/3/9/153139.jpg" border="0"></a> </td> <td valign="top"><span><a href="profile.php?id=153139"><strong>Hacked by HellStorm</strong></a>, offline, Ðловдив, 36</span></td> </tr> </table> </div> </div> <div style="position:relative;text-align:center;float:left;"> <div class="user_pic_fr" style="float:left;text-align:center;padding-left:0px;padding-right:5px;width:64px;margin:0px;"> ...[37775 bytes skipped]... | ||
http://www.sladur.com/common/funcs.js?3 | 200 OK Content-Length: 14076 Content-Type: application/javascript | clean |
http://www.sladur.bg/common/majax.js?2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 30 May 2015 02:42:59 GMT Location: http://www.sladur.com/common/majax.js?2 Server: Apache/2.2.22 (Debian) Content-Length: 326 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sladur.com/common/majax.js?2 | 200 OK Content-Length: 7168 Content-Type: application/javascript | clean |
http://www.sladur.bg/common/motranslator/motranslatorUTF8.js?2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 30 May 2015 02:42:59 GMT Location: http://www.sladur.com/common/motranslator/motranslatorUTF8.js?2 Server: Apache/2.2.22 (Debian) Content-Length: 350 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sladur.com/common/motranslator/motranslatorutf8.js?2 | HTTP/1.1 302 Found Connection: close Date: Sat, 30 May 2015 02:42:59 GMT Location: http://www.sladur.com/ Server: Apache/2.2.22 (Debian) Content-Length: 206 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sladur.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 30 May 2015 02:43:00 GMT Location: http://www.sladur.com/ Server: Apache/2.2.22 (Debian) Content-Length: 206 Content-Type: text/html; charset=iso-8859-1 | clean |
http://ads.sladur.com/tools/ads/openx/www/delivery/spcjs.php?id=1&target=_blank | 200 OK Content-Length: 2434 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 169853 Content-Type: application/x-javascript | clean |
http://www.160.bg/templates/last_topic3.js | 200 OK Content-Length: 659 Content-Type: application/javascript | clean |
http://www.daimam.com/productsget.php | 200 OK Content-Length: 266 Content-Type: text/html | clean |
http://www.daimam.com/product.php?ProductID=969 | 200 OK Content-Length: 40760 Content-Type: text/html | clean |
http://www.daimam.com/skins/skeleton/customer/js/thirdparty/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://www.daimam.com/skins/skeleton/customer/js/thirdparty/jquery.colorbox.js | 200 OK Content-Length: 23877 Content-Type: application/javascript | clean |
http://www.daimam.com/skins/skeleton/customer/js/main.js | 200 OK Content-Length: 15659 Content-Type: application/javascript | clean |
http://www.daimam.com/skins/skeleton/modules/product_comparison/product_comparison.js | 200 OK Content-Length: 5013 Content-Type: application/javascript | clean |
http://www.daimam.com/skins/skeleton/customer/js/thirdparty/jquery.jqzoom-core-pack.js | 200 OK Content-Length: 12965 Content-Type: application/javascript | clean |
http://www.daimam.com/skins/skeleton/customer/js/jquery.jcarousel.min.js | 200 OK Content-Length: 16587 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 22091 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sladur.bg
Result:
GET / HTTP/1.1
Host: sladur.bg
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: sladur.bg
Referer: http://www.google.com/search?q=sladur.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sladur.bg
Referer: http://www.google.com/search?q=sladur.bg
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sladur.bg
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sladur.bg/
Result: sladur.bg is not infected or malware details are not published yet.
Result: sladur.bg is not infected or malware details are not published yet.