Scanned pages/files
Request | Server response | Status |
http://www.ricohsom.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Jun 2015 08:14:08 GMT Location: http://ricohsom.com/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://ricohsom.com/xmlrpc.php X-Powered-By: PleskLin | clean |
http://ricohsom.com/ | 200 OK Content-Length: 41899 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Fallag GassriniFallaga Team ...[3937 bytes skipped]... laceheld{color:#888}</style> <link rel='stylesheet' id='rs-settings-css' href='http://ricohsom.com/wp-content/plugins/revslider/rs-plugin/css/A.settings.css.pagespeed.cf.yEKxE2J1VS.css' type='text/css' media='all'/> <style id='rs-captions-css' media='all'><body style='color: transparent;background-color: black'><center><h1><b style='color: white'><center>Hacked By Fallag GassriniFallaga Team<p style='color: transparent'></style> <link rel='stylesheet' id='woocommerce-layout-css' href='//ricohsom.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css.pagespeed.ce.VAWR-_jHdD.css' type='text/css' media='all'/> <link rel='stylesheet' id='woocommerce-smallscreen-css' href='//ricohsom.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css.pagespeed.ce.ipuf5nIBni.css' type='text/css' media='only ...[42415 bytes skipped]... | ||
http://ricohsom.com/wp-content,_plugins,_jquery-updater,_js,_jquery-2.0.0.min.js+wp-includes,_js,_jquery,_jquery-migrate.min.js.pagespeed.jc.J8HU9wAyDk.js | 200 OK Content-Length: 92281 Content-Type: application/javascript | clean |
http://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/CuteSlider,_js,_cute.slider.js+CuteSlider,_js,_cute.transitions.all.js+revslider,_rs-plugin,_js,_jquery.themepunch.plugins.min.js.pagespeed.jc.uxNqDO_8oo.js | 200 OK Content-Length: 76782 Content-Type: application/javascript | clean |
http://cdnjs.cloudflare.com/ajax/libs/respond.js/1.1.0/respond.min.js | 200 OK Content-Length: 4069 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js | 200 OK Content-Length: 55446 Content-Type: application/javascript | clean |
http://www.ricohsom.com/ricohsom.comtestrnx-index | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 18 Jun 2015 08:14:11 GMT Pragma: no-cache Location: http://ricohsom.com/ricohsom.comtestrnx-index Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://ricohsom.com/xmlrpc.php X-Powered-By: PleskLin | clean |
http://ricohsom.com/ricohsom.comtestrnx-index | 404 Not Found Content-Length: 37336 Content-Type: text/html | clean |
http://ricohsom.com/wp-content/plugins/jquery-updater/js/jquery-2.0.0.min.js | 200 OK Content-Length: 83095 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/CuteSlider/js/cute.slider.js | 200 OK Content-Length: 42563 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/CuteSlider/js/cute.transitions.all.js | 200 OK Content-Length: 16781 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js | 200 OK Content-Length: 17060 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/ubermenu/js/hoverIntent.js | 200 OK Content-Length: 1464 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/ubermenu/js/ubermenu.min.js | 200 OK Content-Length: 11325 Content-Type: application/javascript | clean |
http://ricohsom.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js | 200 OK Content-Length: 15479 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ricohsom.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Thu, 18 Jun 2015 08:14:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 41899
Content-Type: text/html; charset=utf-8
Link: <http://ricohsom.com/>; rel=shortlink
X-Mod-Pagespeed: 1.9.32.3-4448
X-Pingback: http://ricohsom.com/xmlrpc.php
X-Powered-By: PleskLin
...41899 bytes of data.
GET / HTTP/1.1
Host: ricohsom.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Thu, 18 Jun 2015 08:14:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 41899
Content-Type: text/html; charset=utf-8
Link: <http://ricohsom.com/>; rel=shortlink
X-Mod-Pagespeed: 1.9.32.3-4448
X-Pingback: http://ricohsom.com/xmlrpc.php
X-Powered-By: PleskLin
...41899 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ricohsom.com
Referer: http://www.google.com/search?q=ricohsom.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ricohsom.com
Referer: http://www.google.com/search?q=ricohsom.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ricohsom.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ricohsom.com/
Result: ricohsom.com is not infected or malware details are not published yet.
Result: ricohsom.com is not infected or malware details are not published yet.