See: http://killmalware.com/gallery.co.il/#
Missed as VT won’t detect most non-malign defacements: https://www.virustotal.com/en/url/3ae130a41788a2c953ad736a724bb691c068f93cbe9b507f2b0e6058d1f15b49/analysis/1426887871/
Web application details:
Running cPanel 11.42.1.31: gallery dot co dot il:2082
Outdated Web Server Apache Found: Apache/2.2.25
Excessive Server Header Info Proliferation: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Security header situation with 4 correct implications is not bad.
Stealth name servers: http://www.dnsinspect.com/gallery.co.il/1426888186
RBL check: We found blacklisted mail servers:
209.51.157.242
zen.spamhaus.org. → http://www.spamhaus.org/query/bl?ip=209.51.157.242
Here Quttera missed detection: http://quttera.com/detailed_report/gallery.co.il
Bad webhost and dictionary attacker: http://www.projecthoneypot.org/ip_209.51.157.242
Sucuri is the one to detect: Web site defaced. Details: http://sucuri.net/malware/entry/MW:DEFACED:01
Hacked By Solt6n
polonus