Scanned pages/files
Request | Server response | Status |
http://phutthugian.info/ | 200 OK Content-Length: 160383 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: poruka+AFs-0+AF0 +AD0 +ACIAfgB+-Hacked By+AF8-yskr+AH4AfgAi ...[247 bytes skipped]... g-icon+ACI href+AD0AIg-http://antisecurityteam.com/favicon.ico+ACI type+AD0AIg-image/x-icon+ACIAPg +ADw-HEAD+AD4 +ADw-script language+AD0AIg-JavaScript+ACIAPg var brzinakucanja +AD0 400+ADs var pauzapor +AD0 4000+ADs var vremeid +AD0 null+ADs var kretanje +AD0 false+ADs var poruka +AD0 new Array()+ADs var slporuka +AD0 0+ADs var bezporuke +AD0 0+ADs poruka+AFs-0+AF0 +AD0 +ACIAfgB+-Hacked By+AF8-yskr+AH4AfgAi function prikaz() +AHs var text +AD0 poruka+AFs-slporuka+AF0AOw if (bezporuke +ADw text.length) +AHs if (text.charAt(bezporuke) +AD0APQ +ACI +ACI) bezporuke+ACsAKw var ttporuka +AD0 text.substring(0, bezporuke +ACs 1)+ADs document.title +AD0 ttporuka+ADs bezporuke+ACsAKw vremeid +AD0 setTimeout(+ACI-prikaz()+ACI, brzinakucanja)+ADs kretanje +AD0 true+ADs +AH0 else +AHs bezporuke + ...[179102 bytes skipped]... | ||
http://phutthugian.info/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/x-javascript | clean |
http://phutthugian.info/wp-content/themes/sahifa/js/tie-scripts.js?ver=3.5.2 | 200 OK Content-Length: 63411 Content-Type: application/x-javascript | clean |
http://phutthugian.info/wp-content/themes/sahifa/js/jquery.cycle.all.js?ver=3.5.2 | 200 OK Content-Length: 27367 Content-Type: application/x-javascript | clean |
http://phutthugian.info/category/hinh-anh | 200 OK Content-Length: 127195 Content-Type: text/html | clean |
http://assets.pinterest.com/js/pinit.js | 200 OK Content-Length: 313 Content-Type: application/javascript | clean |
http://phutthugian.info/category/hinh-anh/the-thao | 200 OK Content-Length: 121151 Content-Type: text/html | clean |
http://phutthugian.info/category/hinh-anh/vui-nhon | 200 OK Content-Length: 124600 Content-Type: text/html | clean |
http://phutthugian.info/category/ngoi-sao | 200 OK Content-Length: 145499 Content-Type: text/html | clean |
http://phutthugian.info/category/ngoi-sao/trong-nuoc | 200 OK Content-Length: 132151 Content-Type: text/html | clean |
http://phutthugian.info/category/ngoi-sao/quoc-te | 200 OK Content-Length: 131922 Content-Type: text/html | clean |
http://phutthugian.info/category/sach | 200 OK Content-Length: 121143 Content-Type: text/html | clean |
http://phutthugian.info/category/sach/giao-duc | 200 OK Content-Length: 118718 Content-Type: text/html | clean |
http://phutthugian.info/category/sach/doc-truyen | 200 OK Content-Length: 121504 Content-Type: text/html | clean |
http://phutthugian.info/category/truyen-hinh | 200 OK Content-Length: 131697 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: phutthugian.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 02 Sep 2014 23:53:23 GMT
Server: Apache/2.2.27 (CentOS)
Content-Type: text/html; charset=UTF-7
X-Pingback: http://phutthugian.info/xmlrpc.php
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: phutthugian.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 02 Sep 2014 23:53:23 GMT
Server: Apache/2.2.27 (CentOS)
Content-Type: text/html; charset=UTF-7
X-Pingback: http://phutthugian.info/xmlrpc.php
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: phutthugian.info
Referer: http://www.google.com/search?q=phutthugian.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: phutthugian.info
Referer: http://www.google.com/search?q=phutthugian.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=phutthugian.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://phutthugian.info/
Result: phutthugian.info is not infected or malware details are not published yet.
Result: phutthugian.info is not infected or malware details are not published yet.