Scanned pages/files
Request | Server response | Status |
http://www.romedicaltravel.ro/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Thu, 21 Aug 2014 02:33:20 GMT Pragma: no-cache Location: http://romedicaltravel.ro/ Server: nginx admin Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 14 Aug 2014 02:33:19 GMT Last-Modified: Thu, 21 Aug 2014 02:33:19 GMT Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=www.romedicaltravel.ro X-Cache: HIT from Backend X-Pingback: http://romedicaltravel.ro/xmlrpc.php X-Powered-By: PHP/5.2.17 | clean |
http://romedicaltravel.ro/ | 200 OK Content-Length: 2609 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by JingkLong <html> <head> <meta name="description" content="Hacked by JingkLong"> <link rel="SHORTCUT ICON" href="http://www.paper-machinery.com/flags/Indonesia.gif"> <link href='http://fonts.googleapis.com/css?family=Pirata+One' rel='stylesheet' type='text/css'> <title>Hacked By JingkLong</title> <style type="text/css"> .style6 {font-family: Courier New; font-size: xx-small; } </style> <style type="text/css">body, a:hover {curs ...[2556 bytes skipped]... | ||
http://romedicaltravel.ro/test404page.js | 404 Not Found Content-Length: 2609 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: romedicaltravel.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Thu, 21 Aug 2014 02:33:20 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 14 Aug 2014 02:33:20 GMT
Last-Modified: Thu, 21 Aug 2014 02:33:20 GMT
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=romedicaltravel.ro
X-Cache: HIT from Backend
X-Pingback: http://romedicaltravel.ro/xmlrpc.php
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: romedicaltravel.ro
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Thu, 21 Aug 2014 02:33:20 GMT
Pragma: no-cache
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 14 Aug 2014 02:33:20 GMT
Last-Modified: Thu, 21 Aug 2014 02:33:20 GMT
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=romedicaltravel.ro
X-Cache: HIT from Backend
X-Pingback: http://romedicaltravel.ro/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: romedicaltravel.ro
Referer: http://www.google.com/search?q=romedicaltravel.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: romedicaltravel.ro
Referer: http://www.google.com/search?q=romedicaltravel.ro
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=romedicaltravel.ro
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://romedicaltravel.ro/
Result: romedicaltravel.ro is not infected or malware details are not published yet.
Result: romedicaltravel.ro is not infected or malware details are not published yet.