Scanned pages/files
Request | Server response | Status |
http://npsgfc.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 13 Oct 2015 12:00:27 GMT Pragma: no-cache Location: http://www.npsgfc.com/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=mjtkub63om06jrciem4g44ami2; path=/ X-Pingback: http://www.npsgfc.com/xmlrpc.php | clean |
http://www.npsgfc.com/ | 200 OK Content-Length: 38912 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ghost-dz ...[43437 bytes skipped]... tyle="color: #ffffff;">1</span></p> </div> <hr class="clear" /> <div class="info"> </div> </div> <html> <head> <meta http-equiv="Content-Language" content="fr"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Hacked by ghost-dz</title> </head> <body bgcolor="#000000"> <p align="center"> </p> <p align="center"> </p> </body> </html> </div> <!-- Footer --> <div id="footer"> <span class="backtoTop"><a href="#container" title="Back to Top" class="backtotop">Back to Top</a></span> <p><strong>&co ...[1349 bytes skipped]... | ||
http://www.npsgfc.com/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/wp-rotator/jquery.scrollTo-1.4.2-min.js?ver=1.4.2 | 200 OK Content-Length: 2262 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/themes/painter/js/jquery.cycle-2.3.pack.js?ver=2.3 | 200 OK Content-Length: 12403 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/themes/painter/js/backtotop.js?ver=4.3 | 200 OK Content-Length: 662 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/themes/painter/js/script.js?ver=4.3 | 200 OK Content-Length: 1347 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/gallery-plugin/fancybox/jquery.mousewheel-3.0.4.pack.js?ver=4.3 | 200 OK Content-Length: 1279 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/gallery-plugin/fancybox/jquery.fancybox-1.3.4.pack.js?ver=4.3 | 200 OK Content-Length: 15624 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/easy-logo-slider/js/jquery.jcarousel.min.js?ver=4.3 | 200 OK Content-Length: 17494 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/easy-logo-slider/js/jcarousel.responsive.js?ver=4.3 | 200 OK Content-Length: 2331 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/flash-album-gallery/admin/js/swfobject.js?ver=2.2 | 200 OK Content-Length: 11754 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/flash-album-gallery/admin/js/swfaddress.js?ver=2.4 | 200 OK Content-Length: 15916 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/sh-slideshow/jquery.cycle.all.js | 200 OK Content-Length: 46880 Content-Type: application/x-javascript | clean |
http://www.npsgfc.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.18 | 200 OK Content-Length: 15021 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: npsgfc.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 13 Oct 2015 12:00:27 GMT
Pragma: no-cache
Location: http://www.npsgfc.com/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=mjtkub63om06jrciem4g44ami2; path=/
X-Pingback: http://www.npsgfc.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: npsgfc.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 13 Oct 2015 12:00:27 GMT
Pragma: no-cache
Location: http://www.npsgfc.com/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=mjtkub63om06jrciem4g44ami2; path=/
X-Pingback: http://www.npsgfc.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: npsgfc.com
Referer: http://www.google.com/search?q=npsgfc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: npsgfc.com
Referer: http://www.google.com/search?q=npsgfc.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=npsgfc.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://npsgfc.com/
Result: npsgfc.com is not infected or malware details are not published yet.
Result: npsgfc.com is not infected or malware details are not published yet.