Scanned pages/files
| Request | Server response | Status |
http://nihanakin.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Thu, 04 Sep 2014 03:18:41 GMT Pragma: no-cache Via: 1.1 varnish Age: 0 Location: http://www.nihanakin.com/ Server: nginx/1.4.4 Content-Type: text/html; charset=UTF-7 Magicmarker: 1 Set-Cookie: PHPSESSID=a46506c1616989c4195c37ee3ae43aa9; path=/ X-Cacheable: YES X-Pingback: http://www.nihanakin.com/xmlrpc.php X-Varnish: 2090635667 | clean |
http://www.nihanakin.com/ | 200 OK Content-Length: 1480 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ...[581 bytes skipped]... om",d="/cdn-cgi/cl/",e="img.gif",f=new a;f.src=[b,c,d,e].join("")})(Image)}catch(e){}//]]></script> <div align="center"> <p class="style8"><br> </br></br></br></br></br> <img alt="http://i.hizliresim.com/wzRyqO.png" src="http://i.hizliresim.com/wzRyqO.png"></p> </font><font face="Tahoma"><br> <br> Hacked by <b> Ka4p3 - BlackDefacer78 <br> <br> </font><font face="Tahoma"> We"re alive, you freak out.</font></p> 2011 - RedHat<strong><font color="#FF0000">Z</font></strong></span><b><span class="style2"> Corporation</span></b><br/> </font><font face="Tahoma"><br> <span class="style3"> </span></p> </div> ...[579 bytes skipped]... | ||
http://www.nihanakin.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nihanakin.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 04 Sep 2014 03:18:41 GMT
Pragma: no-cache
Via: 1.1 varnish
Age: 0
Location: http://www.nihanakin.com/
Server: nginx/1.4.4
Content-Type: text/html; charset=UTF-7
Magicmarker: 1
Set-Cookie: PHPSESSID=a46506c1616989c4195c37ee3ae43aa9; path=/
X-Cacheable: YES
X-Pingback: http://www.nihanakin.com/xmlrpc.php
X-Varnish: 2090635667
GET / HTTP/1.1
Host: nihanakin.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 04 Sep 2014 03:18:41 GMT
Pragma: no-cache
Via: 1.1 varnish
Age: 0
Location: http://www.nihanakin.com/
Server: nginx/1.4.4
Content-Type: text/html; charset=UTF-7
Magicmarker: 1
Set-Cookie: PHPSESSID=a46506c1616989c4195c37ee3ae43aa9; path=/
X-Cacheable: YES
X-Pingback: http://www.nihanakin.com/xmlrpc.php
X-Varnish: 2090635667
Second query (visit from search engine):
GET / HTTP/1.1
Host: nihanakin.com
Referer: http://www.google.com/search?q=nihanakin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nihanakin.com
Referer: http://www.google.com/search?q=nihanakin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nihanakin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nihanakin.com/
Result: nihanakin.com is not infected or malware details are not published yet.
Result: nihanakin.com is not infected or malware details are not published yet.