Scanned pages/files
Request | Server response | Status |
http://itcnasia.com/ | 200 OK Content-Length: 150550 Content-Type: text/html | suspicious |
Hidden iFrame found.
size: 292x62
style: hidden
src: http://www.facebook.com/plugins/likebox.php?href=http%3a%2f%2fwww.facebook.com%2itcnasia&width=292&colorscheme=light&show_faces=false&border_color&stream=false&header=false&height=62
<iframe style="border: none; overflow: hidden; width: 292px; height: 62px; display: none;" src="http://www.facebook.com/plugins/likebox.php?href=http%3a%2f%2fwww.facebook.com%2itcnasia&width=292&colorscheme=light&show_faces=false&border_color&stream=false&header=false&height=62" width="300" height="150" frameborder="0" scrolling="no">
http://itcnasia.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96930 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7727 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.2.4&ver=3.9.2 | 200 OK Content-Length: 85799 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.2.4&ver=3.9.2 | 200 OK Content-Length: 91497 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function revslider_showDoubleJqueryError(e){var t="Revolution Slider Error: You have some jquery.js library include that comes after the revolution files js include.";t+="<br> This includes make eliminates the revolution slider libraries, and make it not work.";t+="<br><br> To fix it you can:<br> 1. In the Slider Settings -> Troubleshooting set option: <strong><b>Put JS Includes To Body</b></st
Antivirus reports:
http://itcnasia.com/wp-content/themes/itcn/framework/plugins/LayerSlider//static/js/layerslider.kreaturamedia.jquery.js?ver=5.1.1 | 200 OK Content-Length: 57000 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/framework/plugins/LayerSlider//static/js/greensock.js?ver=1.11.2 | 200 OK Content-Length: 52834 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/framework/plugins/LayerSlider//static/js/layerslider.transitions.js?ver=5.1.1 | 200 OK Content-Length: 21095 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/assets/js/test.js | 200 OK Content-Length: 201 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/assets/shadowbox/shadowbox.js | 200 OK Content-Length: 38792 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/assets/shadowbox/doit.js | 200 OK Content-Length: 2219 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/themes/itcn/assets/responsive_map/jquery.rwdImageMaps.js | 200 OK Content-Length: 1860 Content-Type: application/javascript | clean |
http://maps.googleapis.com/maps/api/js?v=3.exp&sensor=false&language=en | 200 OK Content-Length: 4891 Content-Type: text/javascript | clean |
http://itcnasia.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
http://itcnasia.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8.1 | 200 OK Content-Length: 9630 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: itcnasia.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 11:28:03 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
Link: <http://itcnasia.com/>; rel=shortlink
Set-Cookie: USERID=twotime; path=/
X-Pingback: http://itcnasia.com/xmlrpc.php
X-Powered-By: PHP/5.4.23
Second query (visit from search engine):
GET / HTTP/1.1
Host: itcnasia.com
Referer: http://www.google.com/search?q=itcnasia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=itcnasia.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://itcnasia.com/
Result: itcnasia.com is not infected or malware details are not published yet.