Scanned pages/files
Request | Server response | Status |
http://www.yahova.ir/ | 200 OK Content-Length: 1540 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By 70P-H4ck3R ..:: Libyana ::.. ...[618 bytes skipped]... ;link href="http://fonts.googleapis.com/css?family=Iceland%3A700" rel="stylesheet" type="text/css"> <script src="/google_analytics_auto.js"></script></head> <body> <center><img src="http://www.i-inresort.com/ly.jpg" width="390" height="250" ><a/><br/><br/><p></p><font face="Iceland" size="6" color="white" class="a">Hacked By 70P-H4ck3R ..:: Libyana ::.. </font><br> <hr/> <br> <br/><br/><p></p><font face="Iceland" size="5" color="Red" class="a">Group ToP-TeaM = 70P-H4CK3R + NooRy-AlGarboli + AwHeD4 AlGazalY + Hamza Alwerfly </font><br> <br/><p></p><font face="Iceland" size="3" color="red" class="a"> Bany-Walid FreeDom </font><br> </p><font face="Iceland" size="3" color="red" cla ...[477 bytes skipped]... | ||
http://www.yahova.ir/google_analytics_auto.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 26 Dec 2014 00:40:34 GMT Pragma: no-cache Location: http://yahova.ir/google_analytics_auto.js Server: Apache Vary: Cookie Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=3e17bff78c559627ca333bda37933778; path=/ X-Pingback: http://yahova.ir/xmlrpc.php X-Powered-By: PHP/5.4.32 | clean |
http://yahova.ir/google_analytics_auto.js | 404 Not Found Content-Length: 19119 Content-Type: text/html | clean |
http://yahova.ir/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://yahova.ir/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=4.0.1 | 404 Not Found Content-Length: 19403 Content-Type: text/html | clean |
http://yahova.ir/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.0.1 | 404 Not Found Content-Length: 19403 Content-Type: text/html | clean |
http://yahova.ir/wp-content/themes/alcatron/js/foundation.min.js?ver=4.0.1 | 200 OK Content-Length: 60680 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/plugins/carouFredSel/jquery.carouFredSel-6.2.0-packed.js?ver=3.0.1 | 200 OK Content-Length: 36065 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.0.1 | 200 OK Content-Length: 9658 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/js/vendor/custom.modernizr.js?ver=3.2 | 200 OK Content-Length: 9288 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/js/jquery.quicksand.js?ver=3.2 | 200 OK Content-Length: 18247 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/js/jplayer/jquery.jplayer.min.js?ver=3.2 | 200 OK Content-Length: 42856 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/plugins/prettyphoto/jquery.prettyPhoto.js?ver=3.2 | 200 OK Content-Length: 22060 Content-Type: application/javascript | clean |
http://yahova.ir/wp-content/themes/alcatron/plugins/smallipop/lib/contrib/prettify.js?ver=3.2 | 200 OK Content-Length: 13632 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yahova.ir
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: yahova.ir
Referer: http://www.google.com/search?q=yahova.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yahova.ir
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yahova.ir/
Result: yahova.ir is not infected or malware details are not published yet.