Scanned pages/files
| Request | Server response | Status |
http://yogaalliancevietnam.com/ | 200 OK Content-Length: 18694 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Lun4r 3cl1ps3 ...[702 bytes skipped]... p;!document.getElementById){ document.onmousedown=clickIE4; } document.oncontextmenu=new Function("alert(message);return false") </script> <script type="text/javascript"> var rev = "fwd"; function titlebar(val) { var msg = "Security Tester"; var res = " "; var speed = 100; var pos = val; msg = "Hacked By Lun4r 3cl1ps3" var le = msg.length; if(rev == "fwd"){ if(pos < le){ pos = pos+1; scroll = msg.substr(0,pos); document.title = scroll; timer = window.setTimeout("titlebar("+pos+")",speed); } else{ rev = "bwd"; timer = window.setTimeout("titlebar("+pos+")",speed); ...[20559 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://jqueryrotate.googlecode.com/svn/trunk/jQueryRotate.js | 200 OK Content-Length: 13892 Content-Type: text/plain | clean |
http://jqueryrotate.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://jqueryrotate.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://www.p0wersurge.com/js/jquery-css-transform.js | 200 OK Content-Length: 4109 Content-Type: text/javascript | clean |
http://www.p0wersurge.com/js/rotate3Di.js | 200 OK Content-Length: 5389 Content-Type: text/javascript | clean |
http://www.widgeo.net/effets/effets.php?id=1&adult=0&cat=informatique&msg=Security Tester By :&taille=400 | 200 OK Content-Length: 2484 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: yogaalliancevietnam.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 19 Jun 2014 22:25:08 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 19 Jun 2014 22:25:08 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: b44a49b79d90de14ee64a173263d4aa4=22ffd3007feba70969a30917d669e5a3; path=/
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.25
GET / HTTP/1.1
Host: yogaalliancevietnam.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 19 Jun 2014 22:25:08 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Thu, 19 Jun 2014 22:25:08 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: b44a49b79d90de14ee64a173263d4aa4=22ffd3007feba70969a30917d669e5a3; path=/
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: yogaalliancevietnam.com
Referer: http://www.google.com/search?q=yogaalliancevietnam.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: yogaalliancevietnam.com
Referer: http://www.google.com/search?q=yogaalliancevietnam.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=yogaalliancevietnam.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://yogaalliancevietnam.com/
Result: yogaalliancevietnam.com is not infected or malware details are not published yet.
Result: yogaalliancevietnam.com is not infected or malware details are not published yet.