Scanned pages/files
Request | Server response | Status |
http://www.nic.gov.np/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:13 GMT Location: http://nic.gov.np/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 363 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/ | 200 OK Content-Length: 34122 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkEd By AL.MaX HaCkEr ...[26404 bytes skipped]... ¯à¥à¤à¤à¥ डायरà¥</h4> </a> <ul> <li> <a href="http://nic.gov.np/posts/2014/03/ayogka-karyaharu-2070">राषà¥à¤à¥à¤°à¤¿à¤¯ सà¥à¤à¤¨à¤¾ à¤à¤¯à¥à¤à¤²à¥ à¤à¤°à¥à¤à¤¾ मà¥à¤à¥à¤¯ मà¥à¤à¥à¤¯ à¤à¤¾à¤°à¥à¤¯à¤¹à¤°à¥</a> </li> <li> <a href="http://nic.gov.np/posts/2013/03/HaCkEd-By-AL.MaX-HaCkEr">HaCkEd By AL.MaX HaCkEr</a> </li> <li> <a href="http://nic.gov.np/posts/2013/03/aayog-naya-thauma">राषà¥à¤à¥à¤°à¤¿à¤¯ सà¥à¤à¤¨à¤¾ à¤à¤¯à¥à¤ नयाठठाà¤à¤à¤®à¤¾</a> </li> <li> <a href="http://nic.gov.np/posts/2013/03/morang-antrakriya">सà¥à¤à¤¨à¤¾à¤à¥ हठविषयमा मà¥à¤°à¤à¤®à¤¾ ठनà¥à¤¤à¤°à¤à¥à¤°à¤¿à¤¯à¤¾à¤¤à¥à¤®à¤ à¤à¥à¤·à¥à¤ ॠसमà¥à¤ªà¤¨à¥à¤¨< ...[14172 bytes skipped]... | ||
http://nic.gov.np/addons/shared_addons/themes/nic/js/js-for-slider.js | 200 OK Content-Length: 93868 Content-Type: application/javascript | clean |
http://www.nic.gov.np/addons/shared_addons/themes/nic/js/bjqs-1.3.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:18 GMT Location: http://nic.gov.np/addons/shared_addons/themes/nic/js/bjqs-1.3.min.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 413 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/bjqs-1.3.min.js | 200 OK Content-Length: 6981 Content-Type: application/javascript | clean |
http://www.nic.gov.np/addons/shared_addons/themes/nic/js/SpryValidationRadio.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:20 GMT Location: http://nic.gov.np/addons/shared_addons/themes/nic/js/SpryValidationRadio.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 420 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/spryvalidationradio.js | 404 Not Found Content-Length: 18011 Content-Type: text/html | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/jquery-1.8.3.min.js | 200 OK Content-Length: 93636 Content-Type: application/javascript | clean |
http://www.nic.gov.np/addons/shared_addons/themes/nic/js/jquery.lightbox-0.5.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:24 GMT Location: http://nic.gov.np/addons/shared_addons/themes/nic/js/jquery.lightbox-0.5.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 420 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/jquery.lightbox-0.5.js | 200 OK Content-Length: 19598 Content-Type: application/javascript | clean |
http://www.nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:26 GMT Location: http://nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap.min.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 414 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap.min.js | 200 OK Content-Length: 25563 Content-Type: application/javascript | clean |
http://www.nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap-editable.min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:28 GMT Location: http://nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap-editable.min.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 423 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/bootstrap-editable.min.js | 200 OK Content-Length: 29726 Content-Type: application/javascript | clean |
http://www.nic.gov.np//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:30 GMT Location: http://nic.gov.np/s7.addthis.com/js/300/addthis_widget.js/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 403 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 18011 Content-Type: text/html | clean |
http://nic.gov.np/addons/shared_addons/themes/nic/js/SpryValidationRadio.js | 200 OK Content-Length: 15146 Content-Type: application/javascript | clean |
https://www.google.com/jsapi | 200 OK Content-Length: 24553 Content-Type: text/javascript | clean |
http://www.nic.gov.np/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 01 Jul 2014 01:12:33 GMT Location: http://nic.gov.np/test404page.js Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Content-Length: 377 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nic.gov.np/test404page.js | 404 Not Found Content-Length: 18011 Content-Type: text/html | clean |
http://nic.gov.np//s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 18011 Content-Type: text/html | clean |
http://nic.gov.np/about-us | 200 OK Content-Length: 21671 Content-Type: text/html | clean |
http://nic.gov.np/downloads | 200 OK Content-Length: 23858 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nic.gov.np
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Jul 2014 01:12:14 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: csrf_cookie_name=b43655dfebf008a112ec4af0cfc66028; expires=Tue, 01-Jul-2014 03:12:14 GMT; path=/; domain=nic.gov.np
Set-Cookie: PHPSESSID=4268eb9441fb4a720ea66ae7d767e287; path=/
Set-Cookie: pyrocms=uk2GpiOgzERx5GMHYaxCqUmjtG6h%2F6AfWXJX57QNCEfwdTsxaBr36zud281fAjmY0ZPdNyYK2dWTeEF7mG2mkzui04f7%2FSw%2BUFPbX7elFzeOeysaA0uQmt1eHGNLY8bFgDyg6TvlY59xw%2BhZlN8%2Bd9dgg9AnSQV8vHqGNC3rimKyi9ICdhrWADYv22WO0FCvTaWl%2BknCO0QI7m2m2wltLfS3ZbD2Yj1GVvzTQRcOMINt0s2NOyY068gDOmijhFxJMiS0oq6BWQa22aJiwB0yRLnIv%2FDQm48hbqFQcqbTz3E9b0%2BNfX5nbWSX%2BnzRt94ittypVPvnwspBz5OQnqOYdNtFghjFUeVqYU1m5C3ayaGbfZJWN9p%2BJJuXKZGfFLOL; path=/; domain=nic.gov.np
Set-Cookie: pyrocms=vN0k9h13KLBAsNPGdS%2BuEdR4TxyAwSpmLu9BuEzpD%2FeJIfW3zNjFxamGwjMFY5ZmHKZ96KZf0tKbFg46IU26igVH6Pev0afD2K7qipLECgc6t3ixudPuZIPAkqPnSvJWP8IoOEVxY0HKn6oYtseCr5DFKBTT5n4ZkEjJm2KmzkEhNaLIUh26r1fYxBgcNDSwJjTCA1Bs%2FY%2FXsQIkUc%2FOykQTMhFGmWWLMe7fVvUssTuAWLsou8z3Ntasuvs192OO7O1xBA4HVVRusHT%2BeSmLOb5yFCNNFtNCUKAJRlfcMcOsVXMerFJR2QPip6Dxkw3%2BSUwDZ%2BZpkpZgU%2BwUbYAfGQ%3D%3D; path=/; domain=nic.gov.np
X-Powered-By: PHP/5.4.26
GET / HTTP/1.1
Host: nic.gov.np
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 01 Jul 2014 01:12:14 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: csrf_cookie_name=b43655dfebf008a112ec4af0cfc66028; expires=Tue, 01-Jul-2014 03:12:14 GMT; path=/; domain=nic.gov.np
Set-Cookie: PHPSESSID=4268eb9441fb4a720ea66ae7d767e287; path=/
Set-Cookie: pyrocms=uk2GpiOgzERx5GMHYaxCqUmjtG6h%2F6AfWXJX57QNCEfwdTsxaBr36zud281fAjmY0ZPdNyYK2dWTeEF7mG2mkzui04f7%2FSw%2BUFPbX7elFzeOeysaA0uQmt1eHGNLY8bFgDyg6TvlY59xw%2BhZlN8%2Bd9dgg9AnSQV8vHqGNC3rimKyi9ICdhrWADYv22WO0FCvTaWl%2BknCO0QI7m2m2wltLfS3ZbD2Yj1GVvzTQRcOMINt0s2NOyY068gDOmijhFxJMiS0oq6BWQa22aJiwB0yRLnIv%2FDQm48hbqFQcqbTz3E9b0%2BNfX5nbWSX%2BnzRt94ittypVPvnwspBz5OQnqOYdNtFghjFUeVqYU1m5C3ayaGbfZJWN9p%2BJJuXKZGfFLOL; path=/; domain=nic.gov.np
Set-Cookie: pyrocms=vN0k9h13KLBAsNPGdS%2BuEdR4TxyAwSpmLu9BuEzpD%2FeJIfW3zNjFxamGwjMFY5ZmHKZ96KZf0tKbFg46IU26igVH6Pev0afD2K7qipLECgc6t3ixudPuZIPAkqPnSvJWP8IoOEVxY0HKn6oYtseCr5DFKBTT5n4ZkEjJm2KmzkEhNaLIUh26r1fYxBgcNDSwJjTCA1Bs%2FY%2FXsQIkUc%2FOykQTMhFGmWWLMe7fVvUssTuAWLsou8z3Ntasuvs192OO7O1xBA4HVVRusHT%2BeSmLOb5yFCNNFtNCUKAJRlfcMcOsVXMerFJR2QPip6Dxkw3%2BSUwDZ%2BZpkpZgU%2BwUbYAfGQ%3D%3D; path=/; domain=nic.gov.np
X-Powered-By: PHP/5.4.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: nic.gov.np
Referer: http://www.google.com/search?q=nic.gov.np
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nic.gov.np
Referer: http://www.google.com/search?q=nic.gov.np
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nic.gov.np
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nic.gov.np/
Result: nic.gov.np is not infected or malware details are not published yet.
Result: nic.gov.np is not infected or malware details are not published yet.