Scanned pages/files
Request | Server response | Status |
http://www.deltahelicopteros.com/ | 200 OK Content-Length: 29785 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4-Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="es-ES"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>+ADw-/title+AD4-Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad Hacked By MuhmadEmad +ADw-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- | </title> <link rel="stylesheet" href="http://www.deltahelicopteros.com/wp-content/themes/Aggregate/style.css" type="text/css" media="sc ...[34079 bytes skipped]... | ||
http://www.deltahelicopteros.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/themes/Aggregate/js/jquery.cycle.all.min.js?ver=1.0 | 200 OK Content-Length: 27880 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/plugins/photo-gallery/js/bwg_frontend.js?ver=1.1.13 | 200 OK Content-Length: 3195 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/plugins/photo-gallery/js/jquery.mobile.js?ver=1.1.13 | 200 OK Content-Length: 6419 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.1.13 | 200 OK Content-Length: 25171 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js?ver=0.4.1 | 200 OK Content-Length: 7583 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($) { function defined(a) { return typeof a !== 'undefined'; } function extend(child, parent, prototype) { var F = function() {}; F.prototype = parent.prototype; child.prototype = new F(); child.prototype.constructor = child; parent.prototype.constructor = parent; child._super = parent.prototype; if (prototype) { $.extend(child.prototype, prototype); } } var SUBST = [ ['', ''], element: function() { return this.__isFullScreen ? this._fullScreenElement : null; } });$.fullscreen = IS_NATIVELY_SUPPORTED ? new FullScreenNative() : new FullScreenFallback(); $.fn.fullscreen = function(options) { var elem = this[0]; options = $.extend({ toggleClass: null, }, options); options.styles = { }; if (elem) { $.fullscreen.open(elem, options); } return this; }; })(jQuery); Antivirus reports:
| ||
http://www.deltahelicopteros.com/wp-content/plugins/photo-gallery/js/bwg_gallery_box.js?ver=1.1.13 | 200 OK Content-Length: 5965 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/themes/Aggregate/js/superfish.js | 200 OK Content-Length: 3714 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/themes/Aggregate/js/custom.js | 200 OK Content-Length: 5824 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-content/themes/Aggregate/js/jquery.easing.1.3.js?ver=1.0 | 200 OK Content-Length: 8097 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/javascript | clean |
http://www.deltahelicopteros.com/wp-includes/js/jquery/ui/jquery.ui.position.min.js?ver=1.10.4 | 200 OK Content-Length: 6360 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: deltahelicopteros.com
Result:
GET / HTTP/1.1
Host: deltahelicopteros.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: deltahelicopteros.com
Referer: http://www.google.com/search?q=deltahelicopteros.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: deltahelicopteros.com
Referer: http://www.google.com/search?q=deltahelicopteros.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=deltahelicopteros.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://deltahelicopteros.com/
Result: deltahelicopteros.com is not infected or malware details are not published yet.
Result: deltahelicopteros.com is not infected or malware details are not published yet.