Scanned pages/files
Request | Server response | Status |
http://cheaptickettokorea.com/ | 200 OK Content-Length: 60411 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-Hacked by White-Shadow / B3YAZ.ORG+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+A ...[68500 bytes skipped]... 7.addthis.com/js/250/addthis_widget.js#pubid=ra-4dfc41630893f031"></script> <!-- AddThis Button END --> </div> </div><!--footer --> </div><!--wrap-inside --> </div><!--wrap --> <div id="wp-admin-bar"><div class="padder"><a href="http://travellow.com" id="admin-bar-logo">+ADw-/title+AD4-Hacked by White-Shadow / B3YAZ.ORG+ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4-</a><ul class="main-nav"><li class="bp-login no-arrow"><a href="http://travellow.com/wp-login.php?redirect_to=http%3A%2F%2Ftravellow.com">Log In</a></li><li class="bp-signup no-arrow"><a href="http://travellow.com/wp-signup.php">Sign Up</a></li><li id="bp-adminbar-authors-menu"><a href="/">Blog Authors</a><ul class="author-list"><li><a href ...[1309 bytes skipped]... | ||
http://cheaptickettokorea.com/wp-content/themes/faretiger/js/clear_textbox.js | 200 OK Content-Length: 197 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js | 200 OK Content-Length: 85260 Content-Type: text/javascript | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 10:59:49 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=35900c7a67083200e6c55324174944c8; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 10:59:49 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 10:59:49 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=1.7.1/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com/test404page.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:00 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=6ca67a892480921d54a1b4b7506f1b74; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:00 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:00 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/scriptaculous.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/builder.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:06 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/builder.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=bdbcf01744b79650d8a263f99a97091a; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:05 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:05 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/builder.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:12 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=5283ab2b4cfd49bafdadc1c8a1c9fab2; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:11 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:11 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/effects.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:17 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=1302956784d8aab956b04088dce93885; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:17 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:17 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/dragdrop.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/slider.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:23 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/slider.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=c995853dcbb490f360c8bbd7f5b8b3ae; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:23 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:23 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/slider.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://cheaptickettokorea.com//ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/controls.js?ver=1.9.0/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Cache-Control: max-age=1, private, must-revalidate Connection: close Date: Thu, 15 Jan 2015 11:00:29 GMT Pragma: no-cache Location: http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/controls.js?ver=1.9.0/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Vary: Cookie Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=9729e8a50de87a039f9b1922f5344d5a; path=/ Set-Cookie: bp-message=deleted; expires=Wed, 15-Jan-2014 11:00:28 GMT; path=/ Set-Cookie: bp-message-type=deleted; expires=Wed, 15-Jan-2014 11:00:28 GMT; path=/ X-Pingback: http://cheaptickettokorea.com/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://cheaptickettokorea.com/ajax.googleapis.com/ajax/libs/scriptaculous/1.9.0/controls.js?ver=1.9.0/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://assiia.com/api/getip/wp/flight/widget/js/jquery.autocomplete.js | 404 Not Found Content-Length: 759 Content-Type: text/html | clean |
http://assiia.com/api/getip/wp/flight/widget/js/jquery-ui-1.8.12.custom.min.js | 404 Not Found Content-Length: 767 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 10652 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cheaptickettokorea.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1, private, must-revalidate
Connection: close
Date: Thu, 15 Jan 2015 10:59:46 GMT
Accept-Ranges: bytes
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Vary: Accept-Encoding,Cookie
Content-Length: 60411
Content-Type: text/html; charset=UTF-8
Expires: Thu, 15 Jan 2015 11:04:46 GMT
...60411 bytes of data.
GET / HTTP/1.1
Host: cheaptickettokorea.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=1, private, must-revalidate
Connection: close
Date: Thu, 15 Jan 2015 10:59:46 GMT
Accept-Ranges: bytes
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Vary: Accept-Encoding,Cookie
Content-Length: 60411
Content-Type: text/html; charset=UTF-8
Expires: Thu, 15 Jan 2015 11:04:46 GMT
...60411 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cheaptickettokorea.com
Referer: http://www.google.com/search?q=cheaptickettokorea.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cheaptickettokorea.com
Referer: http://www.google.com/search?q=cheaptickettokorea.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cheaptickettokorea.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cheaptickettokorea.com/
Result: cheaptickettokorea.com is not infected or malware details are not published yet.
Result: cheaptickettokorea.com is not infected or malware details are not published yet.