Scanned pages/files
| Request | Server response | Status |
http://shn.jp/ | 200 OK Content-Length: 26606 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Krad Xin » ãã£ã¼ã <!doctype html>
<html dir="ltr" lang="ja" prefix="og: http://ogp.me/ns#" class="no-js"> <head> <meta charset="UTF-7" /> <meta name="viewport" content="width=device-width" /> <title>SHN Japan</title> <link rel="profile" href="http://gmpg.org/xfn/11" /> <link rel="stylesheet" type="text/css" media="all" href="http://shn.jp/wp-content/the ...[30839 bytes skipped]... | ||
http://shn.jp/wp-includes/js/prototype.js?ver=1.6.1 | 200 OK Content-Length: 139854 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-includes/js/scriptaculous/wp-scriptaculous.js?ver=1.8.3 | 200 OK Content-Length: 2943 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-includes/js/scriptaculous/effects.js?ver=1.8.3 | 200 OK Content-Length: 38471 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/lightbox-2/lightbox.js?ver=1.8 | 200 OK Content-Length: 21338 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/themes/frantic/library/js/modernizr-2.6.1.min.js?ver=2.6.1 | 200 OK Content-Length: 14414 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/themes/frantic/library/js/scripts.js?ver=1.0.0 | 200 OK Content-Length: 1732 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.3.3 | 200 OK Content-Length: 931 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 16525 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/tweetmeme/button.js | 200 OK Content-Length: 3779 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Apraa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.4.2 | 200 OK Content-Length: 930 Content-Type: application/x-javascript | clean |
http://shn.jp/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=20120131 | 200 OK Content-Length: 38202 Content-Type: application/x-javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 11654 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: shn.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 11 Apr 2014 15:00:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-7
Link: <http://wp.me/P1JiZL-2>; rel=shortlink
Set-Cookie: PHPSESSID=90055bff356defffe757e2266d89dc1a; path=/
X-Pingback: http://shn.jp/xmlrpc.php
X-Powered-By: PHP/5.3.15
GET / HTTP/1.1
Host: shn.jp
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 11 Apr 2014 15:00:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-7
Link: <http://wp.me/P1JiZL-2>; rel=shortlink
Set-Cookie: PHPSESSID=90055bff356defffe757e2266d89dc1a; path=/
X-Pingback: http://shn.jp/xmlrpc.php
X-Powered-By: PHP/5.3.15
Second query (visit from search engine):
GET / HTTP/1.1
Host: shn.jp
Referer: http://www.google.com/search?q=shn.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: shn.jp
Referer: http://www.google.com/search?q=shn.jp
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=shn.jp
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shn.jp/
Result: shn.jp is not infected or malware details are not published yet.
Result: shn.jp is not infected or malware details are not published yet.