Scanned pages/files
Request | Server response | Status |
http://tuyenlaixetaxi.com/ | 200 OK Content-Length: 2088 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Forbidden Rasd <html dir="rtl"><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <link rel="SHORTCUT ICON" href="http://upload.wikimedia.org/wikipedia/commons/thumb/4/40/Coat_of_arms_of_the_Sahrawi_Arab_Democratic_Republic.svg/608px-Coat_of_arms_of_the_Sahrawi_Arab_Democratic_Republic.svg.png"> <title>Hacked By Forbidden Rasd</title> </head> <body bgcolor="#000000"> <p align="center"><b><font color="#ff0000" face="Comic Sans MS" size="6">Hacked By<span lang="ar-sa"> </span>Forbidden Rasd</font></b></p> <p align="center"><span lang="ar-jo"><b> <img border="0" src="http://www.ambaci-cam.org/IMG/arton2.jpg" width="700" height="450 ...[1780 bytes skipped]... | ||
http://tuyenlaixetaxi.com/file://www.blogger.com/static/v1/common/js/3472483503-csitail.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 18 Mar 2015 12:13:19 GMT Pragma: no-cache Location: http://tuyenlaixetaxi.com/file:/www.blogger.com/static/v1/common/js/3472483503-csitail.js Server: nginx/1.6.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://taxigroup.net.vn/xmlrpc.php | clean |
http://tuyenlaixetaxi.com/file:/www.blogger.com/static/v1/common/js/3472483503-csitail.js | 404 Not Found Content-Length: 15154 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://taxigroup.net.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://taxigroup.net.vn/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.2&ver=3.8.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.2&ver=3.8.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-content/themes/er-leaf/js/modernizr.custom.js?ver=3.8.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://maps.google.com/maps/api/js?sensor=false | 200 OK Content-Length: 4404 Content-Type: text/javascript | clean |
http://taxigroup.net.vn/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.7.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.13.0 | 200 OK Content-Length: 77432 Content-Type: application/javascript | clean |
http://taxigroup.net.vn/wp-includes/js/mediaelement/wp-mediaelement.js?ver=3.8.2 | 200 OK Content-Length: 926 Content-Type: application/javascript | clean |
http://taxigroup.net.vn/wp-content/themes/er-leaf/js/jquery.easing.1.3.js?ver=3.8.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://taxigroup.net.vn/wp-content/themes/er-leaf/js/hoverIntent.js?ver=3.8.2 | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tuyenlaixetaxi.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 18 Mar 2015 12:13:16 GMT
Accept-Ranges: bytes
Server: nginx/1.6.2
Content-Length: 2088
Content-Type: text/html
Last-Modified: Sat, 28 Feb 2015 22:56:01 GMT
...2088 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tuyenlaixetaxi.com
Referer: http://www.google.com/search?q=tuyenlaixetaxi.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tuyenlaixetaxi.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tuyenlaixetaxi.com/
Result: tuyenlaixetaxi.com is not infected or malware details are not published yet.