Scanned pages/files
Request | Server response | Status |
http://vanhoccodien.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 27 Jul 2015 23:35:13 GMT Location: http://www.vanhoccodien.com/ Server: nginx/1.8.0 Content-Length: 302 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vanhoccodien.com/ | 200 OK Content-Length: 7835 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Sorry Admin Hacked By Turkish Hacker (: ...[2752 bytes skipped]... ss="layer" data-depth="0.05"> <!-- CONTENT BLOCK --> <div class="content-block animated"> <div class="container animated"> <center></font color=blue><font face="Thoma" size="8" color="#d30808"> Sorry Admin Hacked By Turkish Hacker (: <br> <div class="slider"> <div class="slide"> <h1>Bismillahirrahmanirrahim <span>! </span></h1> </div> <div class="slide"> <h1><br><span>Hacked By xNo</span></h1></div> <div class="slide"> & ...[5697 bytes skipped]... | ||
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery-1.11.1.min.js | 200 OK Content-Length: 95788 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/bootstrap.min.js | 200 OK Content-Length: 34653 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.cycle.min.js | 200 OK Content-Length: 24150 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.parallax.min.js | 200 OK Content-Length: 9449 Content-Type: application/javascript | clean |
http://ayt-wgt.hostingsiteforfree.com/assets/js/jquery.backstretch.min.js | 200 OK Content-Length: 4238 Content-Type: application/javascript | clean |
http://www.korhandfm.com/resimler/scripts.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 27 Jul 2015 23:35:16 GMT Accept-Ranges: bytes Server: LiteSpeed Content-Length: 1263 Content-Type: text/html | clean |
http://www.korhandfm.com/ | 200 OK Content-Length: 929 Content-Type: text/html | clean |
http://www.korhandfm.com/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Mon, 27 Jul 2015 23:35:17 GMT Accept-Ranges: bytes Server: LiteSpeed Content-Length: 1263 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vanhoccodien.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 27 Jul 2015 23:35:13 GMT
Location: http://www.vanhoccodien.com/
Server: nginx/1.8.0
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1
...302 bytes of data.
GET / HTTP/1.1
Host: vanhoccodien.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 27 Jul 2015 23:35:13 GMT
Location: http://www.vanhoccodien.com/
Server: nginx/1.8.0
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1
...302 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vanhoccodien.com
Referer: http://www.google.com/search?q=vanhoccodien.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vanhoccodien.com
Referer: http://www.google.com/search?q=vanhoccodien.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vanhoccodien.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vanhoccodien.com/
Result: vanhoccodien.com is not infected or malware details are not published yet.
Result: vanhoccodien.com is not infected or malware details are not published yet.