Scanned pages/files
Request | Server response | Status |
http://kaolagou.com/ | 200 OK Content-Length: 14463 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY 1923TURK GRUP ByCaN ...[13851 bytes skipped]... <tr> <td width="130" align="center"><img src="images/sy_22.jpg" width="104" height="81" alt=""></td> <td><table width="98%" border="0" cellspacing="0" cellpadding="0"> <tr> <td height="25" align="left" valign="middle" > <a href="newsshow.php?id=583" target="_blank"> ·<h1>HACKED BY 1923TURK GRUP ByCaN</h1></a></td> <td align="right" valign="middle" > 01-25 </td> </tr> <tr> <td height="25" align="left" valign="middle" > <a href="newsshow.php?id=424" target="_blank"> ·伦æ¦å¥¥è¿ä¼å¼å¹å¼ç"æ°å"ä¸"äºå®":ä»1å°40亿</a></td> <td align="right" valign="middle" > ...[3524 bytes skipped]... | ||
http://kaolagou.com/js/swfobject.js | 200 OK Content-Length: 6679 Content-Type: application/x-javascript | clean |
http://kaolagou.com/hdm.js | 200 OK Content-Length: 1015 Content-Type: application/x-javascript | clean |
http://kaolagou.com/index.php | 200 OK Content-Length: 14463 Content-Type: text/html | clean |
http://kaolagou.com/ghht.php | 200 OK Content-Length: 2371 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Jun 2014 11:46:17 GMT Pragma: no-cache Location: web_manage.php Server: Apache/2.0.47 (Win32) PHP/5.2.5 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=04c5ae87a1fb623f7a03c1de6a004670; path=/ X-Powered-By: PHP/5.2.5 | clean |
http://kaolagou.com/wladmin/web_manage.php | 200 OK Content-Length: 5243 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/../index.php | 200 OK Content-Length: 14463 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/../js/swfobject.js | 200 OK Content-Length: 6679 Content-Type: application/x-javascript | clean |
http://kaolagou.com/wladmin/../hdm.js | 200 OK Content-Length: 1015 Content-Type: application/x-javascript | clean |
http://kaolagou.com/wladmin/../ghht.php | 200 OK Content-Length: 2371 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/../wladmin/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 01 Jun 2014 11:46:23 GMT Pragma: no-cache Location: web_manage.php Server: Apache/2.0.47 (Win32) PHP/5.2.5 Content-Length: 0 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=62c91837dc7c2cb43dad2a495c118775; path=/ X-Powered-By: PHP/5.2.5 | clean |
http://kaolagou.com/wladmin/../wladmin/web_manage.php | 200 OK Content-Length: 5243 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/../wladmin/../index.php | 200 OK Content-Length: 14463 Content-Type: text/html | clean |
http://kaolagou.com/wladmin/../wladmin/../js/swfobject.js | 200 OK Content-Length: 6679 Content-Type: application/x-javascript | clean |
http://kaolagou.com/wladmin/../wladmin/../hdm.js | 200 OK Content-Length: 1015 Content-Type: application/x-javascript | clean |
http://kaolagou.com/wladmin/../wladmin/../ghht.php | 200 OK Content-Length: 2371 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kaolagou.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 01 Jun 2014 11:46:12 GMT
Server: Apache/2.0.47 (Win32) PHP/5.2.5
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.5
Second query (visit from search engine):
GET / HTTP/1.1
Host: kaolagou.com
Referer: http://www.google.com/search?q=kaolagou.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kaolagou.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kaolagou.com/
Result: kaolagou.com is not infected or malware details are not published yet.