Scanned pages/files
| Request | Server response | Status |
http://www.xpressioninternational.us/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 29 Jul 2015 21:13:10 GMT Pragma: no-cache Location: http://xpressioninternational.us/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=97a5d0511c3a827d6486608ab13f31e3; path=/ X-Pingback: http://xpressioninternational.us/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://xpressioninternational.us/ | 200 OK Content-Length: 15124 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by AlfabetoVirtual ...[4642 bytes skipped]... itle"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = 'Hacked by AlfabetoVirtual';</script><style>body {font-family: Lucida Console, cursive, sans-serif;background-color: #000000;color:white; text-shadow:0 0 100px black;font-size:20px;}</style><center><br /><br /><br /><br /><br /><br /><h1>Hackeado por AlfabetoVirtual</h1><h2 style='color: white'>Hacked by AlfabetoVirtual</h2>#BrazilUnderground #CadeiaNoPt #KissMyAssDilma <br /> All Eyez on me! Aqui ...[11850 bytes skipped]... | ||
http://xpressioninternational.us/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-content/themes/widescreen/includes/js/widescreen.js?ver=3.4.2 | 200 OK Content-Length: 7288 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-includes/js/swfobject.js?ver=2.2-20120417 | 200 OK Content-Length: 10231 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-content/themes/widescreen/includes/js/jbgallery-3.0.min.js?ver=3.4.2 | 200 OK Content-Length: 23149 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-content/plugins/sexybookmarks/spritegen_default/jquery.shareaholic-publishers-sb.min.js?ver=6.0.0.3 | 200 OK Content-Length: 49137 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/wp-content/plugins/no-right-click-images-plugin/no-right-click-images.js | 200 OK Content-Length: 6116 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js?ver=1.2.3 | 200 OK Content-Length: 110097 Content-Type: application/javascript | clean |
http://www.xpressioninternational.us/test404page.js | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 29 Jul 2015 21:13:15 GMT Pragma: no-cache Location: http://xpressioninternational.us/test404page.js Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Wed, 29 Jul 2015 21:13:15 GMT Set-Cookie: PHPSESSID=b2b12925ae2835eaaba3edb753bda219; path=/ X-Pingback: http://xpressioninternational.us/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://xpressioninternational.us/test404page.js | 404 Not Found Content-Length: 14510 Content-Type: text/html | clean |
http://xpressioninternational.us/xpression-international-team/ | 200 OK Content-Length: 22910 Content-Type: text/html | clean |
http://xpressioninternational.us/wp-includes/js/comment-reply.js?ver=3.4.2 | 200 OK Content-Length: 786 Content-Type: application/x-javascript | clean |
http://xpressioninternational.us/?page_id=35 | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 29 Jul 2015 21:13:17 GMT Pragma: no-cache Location: http://xpressioninternational.us/awards/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=4c39a82cf420fddb78e3a139a6f04623; path=/ X-Pingback: http://xpressioninternational.us/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://xpressioninternational.us/awards/ | 200 OK Content-Length: 36417 Content-Type: text/html | clean |
http://xpressioninternational.us/testimonials/ | 200 OK Content-Length: 18555 Content-Type: text/html | clean |
http://xpressioninternational.us/portfolio/international/ | 200 OK Content-Length: 27930 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xpressioninternational.us
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 29 Jul 2015 21:13:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e729cfbbb8bd3eeb9c8ecf68ea8c6ed6; path=/
X-Pingback: http://xpressioninternational.us/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: xpressioninternational.us
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 29 Jul 2015 21:13:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=e729cfbbb8bd3eeb9c8ecf68ea8c6ed6; path=/
X-Pingback: http://xpressioninternational.us/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: xpressioninternational.us
Referer: http://www.google.com/search?q=xpressioninternational.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xpressioninternational.us
Referer: http://www.google.com/search?q=xpressioninternational.us
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xpressioninternational.us
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xpressioninternational.us/
Result: xpressioninternational.us is not infected or malware details are not published yet.
Result: xpressioninternational.us is not infected or malware details are not published yet.