Scanned pages/files
Request | Server response | Status |
http://nccksa.com/ | 200 OK Content-Length: 22479 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Cyber_Ps ...[7067 bytes skipped]... t; </div> <!-- End six teen columns --> </div> </div> <!-- End header top --> <div class="slider_wrapper"> <!-- FlexSlider --> <div class="flexslider"> <ul class="slides"> <li> <img src="./uploaded/slider/ab67a8729b4e43bb4da5c1334c6f9260.jpg" alt="Hacked By Cyber_Ps"/><div class="flex-caption">Hacked By Cyber_Ps</div> </li><li> <img src="./uploaded/slider/280ac333afb3995c20f565a696175794.jpg" alt="Hacked By Cyber_Ps"/><div class="flex-caption">Hacked By Cyber_Ps</div> </li><li> <img src="./uploaded/slider/bbb7ab136271d37f3b8caa053e03ad6a.jpg" alt="Hacked By Cyber_Ps"/><div class="flex-caption">Hacked By Cyber_Ps</div&g ...[20807 bytes skipped]... | ||
http://nccksa.com/js/jquery-1.7.1.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.carouFredSel-6.1.0-packed.js | 200 OK Content-Length: 36416 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.tipsy.js | 200 OK Content-Length: 9787 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.iconshadow.js | 200 OK Content-Length: 1032 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.flexslider-min.js | 200 OK Content-Length: 11463 Content-Type: text/javascript | clean |
http://nccksa.com/js/superfish.js | 200 OK Content-Length: 3517 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.color.js | 200 OK Content-Length: 3660 Content-Type: text/javascript | clean |
http://nccksa.com/js/custom.js | 200 OK Content-Length: 10338 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.cycle.all.js | 200 OK Content-Length: 51308 Content-Type: text/javascript | clean |
http://nccksa.com/js/modernizr.custom.js | 200 OK Content-Length: 6525 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.fitvids.js | 200 OK Content-Length: 2664 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.ui.totop.js | 200 OK Content-Length: 1797 Content-Type: text/javascript | clean |
http://nccksa.com/js/jquery.prettyPhoto.js | 200 OK Content-Length: 31904 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nccksa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 11:04:32 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9fq3jj1ir5peo7761nnuahnls6; path=/
GET / HTTP/1.1
Host: nccksa.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 11:04:32 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9fq3jj1ir5peo7761nnuahnls6; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: nccksa.com
Referer: http://www.google.com/search?q=nccksa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nccksa.com
Referer: http://www.google.com/search?q=nccksa.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nccksa.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nccksa.com/
Result: nccksa.com is not infected or malware details are not published yet.
Result: nccksa.com is not infected or malware details are not published yet.