Scanned pages/files
Request | Server response | Status |
http://ideltaclub.com/ | 200 OK Content-Length: 31468 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked by Anonyme xtn ...[4901 bytes skipped]... t;body id="bd" class="bd fs3 com_content"> <a name="Top" id="Top"></a> <div id="ja-wrapper"> <div id="ja-header" class="wrap "> <div class="main"> <div class="main-inner1 clearfix"> <h1 class="logo"> <a href="/index.php" title="HaCked by Anonyme xtn"><span>HaCked by Anonyme xtn</span></a> </h1> </div> </div> </div> <div id="ja-mainnav" class="wrap "> <div class="main"> <div class="main-inner1 clearfix"> <div id="jasdl-mainnav"><ul><l ...[31493 bytes skipped]...
http://ideltaclub.com/index.php?jat3action=gzip&jat3type=js&jat3file=t3-assets%2Fjs_9c4c9.js?v=2 | 200 OK Content-Length: 300231 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js | 200 OK Content-Length: 93637 Content-Type: text/javascript | clean |
http://api.html5media.info/1.1.5/html5media.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 15 Jul 2015 00:37:11 GMT Location: https://api.html5media.info/1.1.5/html5media.min.js Server: cloudflare-nginx CF-RAY: 206165b8270305d5-WAW Set-Cookie: __cfduid=de333eb1d1c46984f91bd8984861ff9d71436920631; expires=Thu, 14-Jul-16 00:37:11 GMT; path=/; domain=.html5media.info; HttpOnly | clean |
https://api.html5media.info/1.1.5/html5media.min.js | 200 OK Content-Length: 21199 Content-Type: application/x-javascript | clean |
http://ideltaclub.com//plugins/system/videobox/videobox.js/ | 404 Not Found Content-Length: 353 Content-Type: text/html | clean |
http://ideltaclub.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://ideltaclub.com/templates/ja_purity_ii/js/ja.rightcol.js | 200 OK Content-Length: 2729 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3768 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ideltaclub.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 15 Jul 2015 00:37:09 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires:
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 3259f736820f13ea8dcb2f9858e02e39=dr5738muhboo9jnrguq2988lu4; path=/
Set-Cookie: ja_purity_ii_tpl=ja_purity_ii; expires=Mon, 04-Jul-2016 00:37:09 GMT; path=/
X-Powered-By: PHP/5.3.29
Second query (visit from search engine):
GET / HTTP/1.1
Host: ideltaclub.com
Referer: http://www.google.com/search?q=ideltaclub.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ideltaclub.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ideltaclub.com/
Result: ideltaclub.com is not infected or malware details are not published yet.