Scanned pages/files
Request | Server response | Status |
http://vdwpf.org/ | 200 OK Content-Length: 910 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED by TheZero <html> <head> <title>HACKED by TheZero</title> </head> <style type="text/css"> <!-- body,td,th {color: #FFFFFF;} body {background-color: #000000;} a {font-family: Courier New, Courier, monospace;font-size: 12px;color: #CCCCCC;}a:visited {color: #333333;} a:hover {color: #FFFFFF;}a:active {color: #FFFFFF;} --> </style> <body> <center> <h1>HACKED by TheZero</h1> < ...[733 bytes skipped]... | ||
http://www.usuarios-online.com/usuarios.php?v=TheZero | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 12 Jul 2015 09:07:10 GMT Location: http://static.usuarios-online.com/uoo.js?&v=TheZero Server: nginx/1.2.6 Content-Length: 184 Content-Type: text/html | clean |
http://static.usuarios-online.com/uoo.js?&v=thezero | 200 OK Content-Length: 1840 Content-Type: application/x-javascript | clean |
http://vdwpf.org/exact/index.html | 200 OK Content-Length: 47152 Content-Type: text/html | clean |
http://path.woaipapa.com/0526/20150526se6xf.js | 200 OK Content-Length: 256 Content-Type: application/javascript | clean |
http://vdwpf.org/exact/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://vdwpf.org/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://vdwpf.org/spot/ | 200 OK Content-Length: 47577 Content-Type: text/html | clean |
http://vdwpf.org/stood/ | 200 OK Content-Length: 46880 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 94xo.com <!DOCTYPE html PUBLIC "-//W3C//liD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/liD/xhtml1-transitional.lid">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>5æä¸é¦ç½å¿«æ,æ3级ççµå½±ç±æ¬²çæ½®ã</title> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <meta name="keywords" content="å¤å¤æ¸ 欧ç¾æ§ç±,å¿«æ伦ççµå½ ...[4621 bytes skipped]... | ||
http://vdwpf.org/often/ | 200 OK Content-Length: 45896 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: kx59.com <!DOCTYPE html PUBLIC "-//W3C//liD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/liD/xhtml1-transitional.lid">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>æ人è²ç«è²å¾,ç¾å¥³è§é¢singapore sex video</title> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <meta name="keywords" content="å³°å³°ç¿åºçæ¥ æ»ç §é¨,www.zuoai.com ...[4654 bytes skipped]... | ||
http://vdwpf.org/looked/ | 200 OK Content-Length: 46841 Content-Type: text/html | clean |
http://vdwpf.org/windows/ | 200 OK Content-Length: 46077 Content-Type: text/html | clean |
http://vdwpf.org/windows/485.html | 200 OK Content-Length: 29641 Content-Type: text/html | clean |
http://vdwpf.org/windows/54.html | 200 OK Content-Length: 29349 Content-Type: text/html | clean |
http://vdwpf.org/windows/29.html | 200 OK Content-Length: 29720 Content-Type: text/html | clean |
http://vdwpf.org/windows/20.html | 200 OK Content-Length: 28973 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vdwpf.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Jul 2015 09:15:30 GMT
Accept-Ranges: bytes
ETag: "556668a5-38e"
Server: nginx
Content-Length: 910
Content-Type: text/html
Last-Modified: Thu, 28 May 2015 01:00:21 GMT
...910 bytes of data.
GET / HTTP/1.1
Host: vdwpf.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Jul 2015 09:15:30 GMT
Accept-Ranges: bytes
ETag: "556668a5-38e"
Server: nginx
Content-Length: 910
Content-Type: text/html
Last-Modified: Thu, 28 May 2015 01:00:21 GMT
...910 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vdwpf.org
Referer: http://www.google.com/search?q=vdwpf.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vdwpf.org
Referer: http://www.google.com/search?q=vdwpf.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vdwpf.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vdwpf.org/
Result: vdwpf.org is not infected or malware details are not published yet.
Result: vdwpf.org is not infected or malware details are not published yet.