Scanned pages/files
Request | Server response | Status |
http://pftas.com.au/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache Connection: close Date: Mon, 20 Jul 2015 23:07:17 GMT Location: http://www.pftas.com.au/ Server: nginx/1.7.9 Content-Type: text/html; charset=iso-8859-1 X-Page-Speed: 1.9.32.3-4448 X-Proxy-Cache: MISS | clean |
http://www.pftas.com.au/ | 200 OK Content-Length: 61502 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by NG689Skw ...[3219 bytes skipped]... AX_.css' type='text/css' media='all'/> <link rel='stylesheet' id='rs-settings-css' href='http://www.pftas.com.au/wp-content/plugins/revslider/rs-plugin/css/A.settings.css,qver=4.2.2.pagespeed.cf.gRUxbW2xgB.css' type='text/css' media='all'/> <style id='rs-captions-css' media='all'>x<body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked by NG689Skw <br><p style='color: transparent'></style> <style id='featured-widget-css-css' media='all'>.featured-post-widget{clear:both}.fpw-image-left{float:left;padding-right:10px;padding-bottom:5px}.fpw-image-right{float:right;padding-left:10px;padding-bottom:5px}h3.featured-post-title{margin:5px 0;font-size:16px}div.featured-post-widget-border{border:solid 1px #dadada;margin-bottom:8px}div.featured-post-widget-border h3.featured-post-title{padding:0 5px ...[61948 bytes skipped]... | ||
http://www.pftas.com.au/wp-includes/js/jquery/jquery.js,qver=1.11.2.pagespeed.jm.0kUhGt7Mm3.js | 200 OK Content-Length: 95864 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==1.2.1+wp-content,_plugins,_jquery-vertical-accordion-menu,_js,_jquery.hoverIntent.minified.js,qver==4.2.2+wp-content,_plugins,_jquery-vertical-accordion-menu,_js,_jquery.cookie.js,qver==4.2.2+wp-content,_plugins,_jquery-vertical-accordion-menu,_js,_jquery.dcjqaccordion.2.9.js,qver==4.2.2.pagespeed.jc.5sN7HtE1CF.js | 200 OK Content-Length: 14023 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-content/themes/headway/library/media/js/jquery.fitvids.js?ver=4.2.2 | 200 OK Content-Length: 1874 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js,qver=4.2.2.pagespeed.jm.57aauWwuhg.js | 200 OK Content-Length: 15799 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.2.2 | 200 OK Content-Length: 49346 Content-Type: application/javascript | clean |
http://form.jotformpro.com/jsform/23021172444946 | 200 OK Content-Length: 11450 Content-Type: text/javascript | clean |
http://www.pftas.com.au/wp-content/plugins,_lazy-load,_js,_jquery.sonar.min.js,qver==0.5+plugins,_lazy-load,_js,_lazy-load.js,qver==0.5+themes,_headway,_library,_media,_js,_jquery.hoverintent.js,qver==4.2.2+themes,_headway,_library,_blocks,_navigation,_js,_jquery.superfish.js,qver==4.2.2+themes,_headway,_library,_blocks,_navigation,_js,_selectnav.js,qver==4.2.2+uploads,_headway,_cache,_block-dynam ...73 symbols skipped | 200 OK Content-Length: 11780 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=2.16.2 | 200 OK Content-Length: 77124 Content-Type: application/javascript | clean |
http://www.pftas.com.au/wp-includes/js/mediaelement/wp-mediaelement.js,qver=4.2.2.pagespeed.jm.A5YEohtHFl.js | 200 OK Content-Length: 684 Content-Type: application/javascript | clean |
http://pftas.com.au/pellet/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache Connection: close Date: Mon, 20 Jul 2015 23:07:35 GMT Location: http://www.pftas.com.au/pellet/ Server: nginx/1.7.9 Content-Type: text/html; charset=iso-8859-1 X-Page-Speed: 1.9.32.3-4448 X-Proxy-Cache: MISS | clean |
http://www.pftas.com.au/pellet/ | 200 OK Content-Length: 44594 Content-Type: text/html | clean |
http://www.pftas.com.au/wp-content/plugins,_lazy-load,_js,_jquery.sonar.min.js,qver==0.5+plugins,_lazy-load,_js,_lazy-load.js,qver==0.5+themes,_headway,_library,_media,_js,_jquery.hoverintent.js,qver==4.2.2+themes,_headway,_library,_blocks,_navigation,_js,_jquery.superfish.js,qver==4.2.2+themes,_headway,_library,_blocks,_navigation,_js,_selectnav.js,qver==4.2.2.pagespeed.jc.bz_ABWEQQQ.js | 200 OK Content-Length: 10890 Content-Type: application/javascript | clean |
http://pftas.com.au/wp-content/uploads/2012/10/081.jpg | 200 OK Content-Length: 303124 Content-Type: image/jpeg | clean |
http://pftas.com.au/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0, no-cache Connection: close Date: Mon, 20 Jul 2015 23:07:46 GMT Location: http://www.pftas.com.au/test404page.js Server: nginx/1.7.9 Content-Type: text/html; charset=iso-8859-1 X-Page-Speed: 1.9.32.3-4448 X-Proxy-Cache: MISS | clean |
http://www.pftas.com.au/test404page.js | 404 Not Found Content-Length: 37640 Content-Type: text/html | clean |
http://www.pftas.com.au/about-us/ | 200 OK Content-Length: 42005 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pftas.com.au
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=0, no-cache
Connection: close
Date: Mon, 20 Jul 2015 23:07:17 GMT
Location: http://www.pftas.com.au/
Server: nginx/1.7.9
Content-Type: text/html; charset=iso-8859-1
X-Page-Speed: 1.9.32.3-4448
X-Proxy-Cache: MISS
Second query (visit from search engine):
GET / HTTP/1.1
Host: pftas.com.au
Referer: http://www.google.com/search?q=pftas.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pftas.com.au
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pftas.com.au/
Result: pftas.com.au is not infected or malware details are not published yet.