Scanned pages/files
Request | Server response | Status |
http://visitcreation.org/ | 200 OK Content-Length: 176012 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by NG689Skw ...[16851 bytes skipped]... ader{border:none;vertical-align:middle;margin-left:4px}div.wpcf7 div.ajax-error{display:none}div.wpcf7 .placeheld{color:#888}</style><link rel='stylesheet' id='rs-settings-css' href='wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=4.2.2' type='text/css' media='all'/><style>x<body style='color: transparent;background-color: black'><center><h1><b style='color: white'>Hacked by NG689Skw <br><p style='color: transparent'></style><link rel='stylesheet' id='ait-jquery-colorbox-css' href='wp-content/themes/touroperator/design/css/colorbox.css,qver=4.2.2.pagespeed.ce.ykktNptRM7.css' type='text/css' media='all'/><link rel='stylesheet' id='ait-jquery-fancybox-css' href='wp-content/themes/touroperator/design/css/fancybox/jquery.fancybox-1.3.4.css?ver=4.2.2' type='text/css' media='all'/><link rel='stylesheet' id='ait-jquery-hover-zo ...[180618 bytes skipped]... | ||
http://visitcreation.org/wp-includes/js/jquery/jquery.js,qver=1.11.2.pagespeed.jm.0kUhGt7Mm3.js | 200 OK Content-Length: 95864 Content-Type: text/javascript | clean |
http://visitcreation.org/wp-includes/js/jquery/jquery-migrate.min.js,qver=1.2.1.pagespeed.jm.mhpNjdU8Wl.js | 200 OK Content-Length: 7085 Content-Type: text/javascript | clean |
http://visitcreation.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js,qver=3.51.0-2014.06.20.pagespeed.jm.RVBOol6lkO.js | 200 OK Content-Length: 14900 Content-Type: text/javascript | clean |
http://visitcreation.org/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js,qver=4.2.2.pagespeed.jm.t-2oG_xxa6.js | 200 OK Content-Length: 15296 Content-Type: text/javascript | clean |
http://visitcreation.org/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js,qver=4.2.2.pagespeed.jm.pTKaBaYV21.js | 200 OK Content-Length: 54510 Content-Type: text/javascript | clean |
http://visitcreation.org/wp-content/themes/touroperator/design/js/libs/jquery.html5-placeholder-shim.js,qver=4.2.2.pagespeed.jm.nUlEfLiiYW.js | 200 OK Content-Length: 2244 Content-Type: text/javascript | clean |
http://visitcreation.org//maps.google.com/maps/api/js?sensor=false&language=en&ver=4.2.2/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 19 Jun 2015 09:05:11 GMT Pragma: no-cache Location: http://visitcreation.org/maps.google.com/maps/api/js?sensor=false&language=en&ver=4.2.2/ Server: cloudflare-nginx Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT CF-RAY: 1f8e1217ede80a5a-ARN Set-Cookie: __cfduid=da61112d5ccd74266d97bf395123f30bf1434704710; expires=Sat, 18-Jun-16 09:05:10 GMT; path=/; domain=.visitcreation.org; HttpOnly X-Pingback: http://visitcreation.org/xmlrpc.php X-Powered-By: W3 Total Cache/0.9.4.1 | clean |
http://visitcreation.org/maps.google.com/maps/api/js?sensor=false&language=en&ver=4.2.2/ | 404 Not Found Content-Length: 61122 Content-Type: text/html | clean |
http://visitcreation.org/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95865 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-content/plugins/directory-extension-plugin//libs/bf_script.js?ver=4.2.2 | 200 OK Content-Length: 152 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-content/plugins/directory-extension-plugin//libs/script.js?ver=4.2.2 | 200 OK Content-Length: 1246 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-content/plugins/mailchimp/js/scrollTo.js?ver=1.4.2 | 200 OK Content-Length: 1927 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://visitcreation.org/wp-content/plugins/mailchimp/js/mailchimp.js?ver=1.4.2 | 200 OK Content-Length: 582 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: visitcreation.org
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600, public
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Date: Fri, 19 Jun 2015 09:05:08 GMT
Pragma: public
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Fri, 19 Jun 2015 10:05:08 GMT
CF-RAY: 1f8e12035c1e16a0-ARN
Set-Cookie: __cfduid=d5bfb45d86d9bf66e50d89feb6c9238481434704707; expires=Sat, 18-Jun-16 09:05:07 GMT; path=/; domain=.visitcreation.org; HttpOnly
X-Mod-Pagespeed: 0.9.17.7-716
X-Powered-By: W3 Total Cache/0.9.4.1
GET / HTTP/1.1
Host: visitcreation.org
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600, public
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Date: Fri, 19 Jun 2015 09:05:08 GMT
Pragma: public
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Fri, 19 Jun 2015 10:05:08 GMT
CF-RAY: 1f8e12035c1e16a0-ARN
Set-Cookie: __cfduid=d5bfb45d86d9bf66e50d89feb6c9238481434704707; expires=Sat, 18-Jun-16 09:05:07 GMT; path=/; domain=.visitcreation.org; HttpOnly
X-Mod-Pagespeed: 0.9.17.7-716
X-Powered-By: W3 Total Cache/0.9.4.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: visitcreation.org
Referer: http://www.google.com/search?q=visitcreation.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: visitcreation.org
Referer: http://www.google.com/search?q=visitcreation.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=visitcreation.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://visitcreation.org/
Result: visitcreation.org is not infected or malware details are not published yet.
Result: visitcreation.org is not infected or malware details are not published yet.