Scanned pages/files
Request | Server response | Status |
http://1breastup.com/ | 200 OK Content-Length: 7643 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Krad Xin <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-7" /> <title> Hacked by Krad Xin</title> <meta name="keywords" content="è±è¸,æè¡,ãã¹ãã¢ãã,è¸,å¸å¼,èèª" /> <meta name="description" content="è±è¸æè¡ãããã«ã§ãããã¹ãï¼è¸ï¼ã¢ããæ³ã¨ã¯ï¼è¸ã¯èèªã§ãï¼" /> <link rel="stylesheet" href="http://1breastup.com/wp-content/themes/twentyeleven/style.css" type="text/css" media="screen" /> <link rel="alternate" type=" ...[9035 bytes skipped]... | ||
http://1breastup.com/magazine | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 07 Sep 2014 18:23:24 GMT Location: http://1breastup.com/magazine/ Server: Apache Vary: Accept-Encoding Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | clean |
http://1breastup.com/magazine/ | 200 OK Content-Length: 4122 Content-Type: text/html | clean |
http://1breastup.com/test404page.js | 404 Not Found Content-Length: 8453 Content-Type: text/html | clean |
http://js.ad-stir.com/js/adstir.js?20130527 | 200 OK Content-Length: 13264 Content-Type: application/x-javascript | clean |
http://spdeliverp.i-mobile.co.jp/script/ads_premium.js?20111025 | 200 OK Content-Length: 4229 Content-Type: application/x-javascript | clean |
http://1breastup.com/?p=6 | 200 OK Content-Length: 8394 Content-Type: text/html | clean |
http://1breastup.com/breastup.html | HTTP/1.1 200 OK Connection: close Date: Sun, 07 Sep 2014 18:23:28 GMT Accept-Ranges: bytes ETag: "9428d75-7e-22072a00" Server: Apache Vary: Accept-Encoding Content-Length: 126 Content-Type: text/html Last-Modified: Sun, 14 Oct 2012 00:38:00 GMT X-Pad: avoid browser bug | clean |
http://www.infotop.jp/click.php?aid=111497&iid=40954 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 18:23:29 GMT Location: /click.php?aid=111497&iid=40954&delfalg=1 Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=EUC-JP Set-Cookie: CAFI_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT Set-Cookie: ClickTime=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT Set-Cookie: CPRIVILEGE_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT Set-Cookie: CSITE_ID_TXT=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT Set-Cookie: PREV_CLICK_TIME=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT | clean |
http://www.infotop.jp/click.php?aid=111497&iid=40954&delfalg=1 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 18:23:29 GMT Location: /click_save.php?aid=111497&iid=40954 Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=EUC-JP Set-Cookie: CAFI_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=www.infotop.jp Set-Cookie: ClickTime=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=www.infotop.jp Set-Cookie: CPRIVILEGE_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=www.infotop.jp Set-Cookie: CSITE_ID_TXT=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=www.infotop.jp Set-Cookie: PREV_CLICK_TIME=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=www.infotop.jp Set-Cookie: CAFI_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=.infotop.jp Set-Cookie: ClickTime=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=.infotop.jp Set-Cookie: CPRIVILEGE_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=.infotop.jp Set-Cookie: CSITE_ID_TXT=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=.infotop.jp Set-Cookie: PREV_CLICK_TIME=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/; domain=.infotop.jp Set-Cookie: CAFI_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/ Set-Cookie: ClickTime=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/ Set-Cookie: CPRIVILEGE_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/ Set-Cookie: CSITE_ID_TXT=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/ Set-Cookie: PREV_CLICK_TIME=deleted; expires=Sat, 07-Sep-2013 18:23:28 GMT; path=/ | clean |
http://www.infotop.jp/click_save.php?aid=111497&iid=40954 | HTTP/1.1 302 Found Connection: close Date: Sun, 07 Sep 2014 18:23:30 GMT Location: http://bustuprun.com Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=EUC-JP Set-Cookie: ClickTime=1410114210; expires=Tue, 07-Oct-2014 18:23:30 GMT; path=/ Set-Cookie: CAFI_TAB_ID_I=111497; expires=Tue, 07-Oct-2014 18:23:30 GMT; path=/ Set-Cookie: CSITE_ID_TXT=deleted; expires=Sat, 07-Sep-2013 18:23:29 GMT; path=/ Set-Cookie: CPRIVILEGE_TAB_ID_I=deleted; expires=Sat, 07-Sep-2013 18:23:29 GMT; path=/ Set-Cookie: PREV_CLICK_TIME=interval; expires=Sun, 07-Sep-2014 18:23:40 GMT; path=/ | clean |
http://bustuprun.com/ | 200 OK Content-Length: 102043 Content-Type: text/html | clean |
http://bustuprun.com/toku.html | 200 OK Content-Length: 486 Content-Type: text/html | clean |
http://1breastup.com/?p=32 | 200 OK Content-Length: 9277 Content-Type: text/html | clean |
http://1breastup.com/?cat=3 | 200 OK Content-Length: 3009 Content-Type: text/html | clean |
http://1breastup.com/led/ | 200 OK Content-Length: 22668 Content-Type: text/html | clean |
http://1breastup.com/led/category/0/?c=0&p=1 | 200 OK Content-Length: 19172 Content-Type: text/html | clean |
http://1breastup.com/led/category/0/./?c=0&p=2 | 200 OK Content-Length: 18881 Content-Type: text/html | clean |
http://1breastup.com/led/category/0/./?c=0&p=1 | 200 OK Content-Length: 19172 Content-Type: text/html | clean |
http://1breastup.com/led/category/0/././?c=0&p=2 | 200 OK Content-Length: 18881 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1breastup.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 07 Sep 2014 18:23:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-7
X-Pingback: http://1breastup.com/xmlrpc.php
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1breastup.com
Referer: http://www.google.com/search?q=1breastup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1breastup.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1breastup.com/
Result: 1breastup.com is not infected or malware details are not published yet.