Scanned pages/files
Request | Server response | Status |
http://nextroundrobin.com/ | 200 OK Content-Length: 439 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: ./Hacked By 1337MiR | White Hat Hacker <html><head>
<title>./Hacked By 1337MiR | White Hat Hacker </title> <body> Hi there, <br>your website security is very weak. fix your website security issue. update all outdated software, themes, module and plugins. <br>contact: mir@1337mir.com <br><br> cheers<br> mir </body> <embed src="http://www.youtube.com/v/14iOfprWMX4&autoplay=1" type="application/x-shockwave-flash" wmode=show width=1 height=1></embed> </html> | ||
http://nextroundrobin.com/test404page.js | 200 OK Content-Length: 439 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nextroundrobin.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-store
Connection: close
Date: Thu, 19 Jun 2014 17:10:06 GMT
Accept-Ranges: bytes
ETag: "1b7-4fbce13f55f1c"
Server: Apache
Vary: Accept-Encoding
Content-Length: 439
Content-Type: text/html
Last-Modified: Sat, 14 Jun 2014 16:13:43 GMT
...439 bytes of data.
GET / HTTP/1.1
Host: nextroundrobin.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-store
Connection: close
Date: Thu, 19 Jun 2014 17:10:06 GMT
Accept-Ranges: bytes
ETag: "1b7-4fbce13f55f1c"
Server: Apache
Vary: Accept-Encoding
Content-Length: 439
Content-Type: text/html
Last-Modified: Sat, 14 Jun 2014 16:13:43 GMT
...439 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nextroundrobin.com
Referer: http://www.google.com/search?q=nextroundrobin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nextroundrobin.com
Referer: http://www.google.com/search?q=nextroundrobin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nextroundrobin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nextroundrobin.com/
Result: nextroundrobin.com is not infected or malware details are not published yet.
Result: nextroundrobin.com is not infected or malware details are not published yet.