Scanned pages/files
| Request | Server response | Status |
http://vops.sk/ | 200 OK Content-Length: 29710 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !--Hacked by -- <!--Hacked by -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <base href="http://vops.sk/" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="index, follow" /> <meta name="verif ...[35066 bytes skipped]... | ||
http://vops.sk/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php | 403 Forbidden Content-Length: 268 Content-Type: text/html | clean |
http://vops.sk/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://vops.sk/plugins/system/cdscriptegrator/libraries/jquery/js/jsloader.php | 403 Forbidden Content-Length: 265 Content-Type: text/html | clean |
http://vops.sk/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jsloader.php?file=ui.core | 403 Forbidden Content-Length: 268 Content-Type: text/html | clean |
http://vops.sk/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: text/javascript | clean |
http://vops.sk/modules/mod_gk_news_highlighter/scripts/engine_compress.js | 403 Forbidden Content-Length: 260 Content-Type: text/html | clean |
http://vops.sk/modules/mod_gk_news_highlighter/scripts/importer.php?module_id=news-highlight-1&animation_type=2&animation_speed=1000&animation_interval=7000&animation_fun=Fx.Transitions.linear&mouseover=1 | 403 Forbidden Content-Length: 254 Content-Type: text/html | clean |
http://vops.sk/templates/ja_nerine/scripts/ja.script.js | 200 OK Content-Length: 8934 Content-Type: text/javascript | clean |
http://vops.sk/templates/ja_nerine/scripts/opacity.js | 200 OK Content-Length: 9287 Content-Type: text/javascript | clean |
http://vops.sk/modules/mod_hot_image_slider/js/jquery-1.3.2.min.js | 403 Forbidden Content-Length: 253 Content-Type: text/html | clean |
http://vops.sk/modules/mod_hot_image_slider/js/scripts.js | 403 Forbidden Content-Length: 244 Content-Type: text/html | clean |
http://www.google.com/jsapi | 200 OK Content-Length: 24552 Content-Type: text/javascript | clean |
http://vops.sk/modules/mod_gtranslate/jquery-translate.js | 403 Forbidden Content-Length: 244 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vops.sk
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Sep 2014 21:27:29 GMT
Pragma: no-cache
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 29 Sep 2014 21:27:29 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 06f84101cf637002ba628b9ecc3dab71=ar86dt05tm94m0ofr0tq7gh3f5; path=/
Set-Cookie: ja_nerine_tpl=ja_nerine; expires=Sat, 19-Sep-2015 21:27:29 GMT; path=/
Set-Cookie: virtuemart=ar86dt05tm94m0ofr0tq7gh3f5
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: vops.sk
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 29 Sep 2014 21:27:29 GMT
Pragma: no-cache
Server: Apache
Vary: User-Agent
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Mon, 29 Sep 2014 21:27:29 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 06f84101cf637002ba628b9ecc3dab71=ar86dt05tm94m0ofr0tq7gh3f5; path=/
Set-Cookie: ja_nerine_tpl=ja_nerine; expires=Sat, 19-Sep-2015 21:27:29 GMT; path=/
Set-Cookie: virtuemart=ar86dt05tm94m0ofr0tq7gh3f5
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: vops.sk
Referer: http://www.google.com/search?q=vops.sk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vops.sk
Referer: http://www.google.com/search?q=vops.sk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vops.sk
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vops.sk/
Result: vops.sk is not infected or malware details are not published yet.
Result: vops.sk is not infected or malware details are not published yet.