Scanned pages/files
| Request | Server response | Status |
http://bakugas.com/ | 200 OK Content-Length: 164933 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: 14 Million Government Employee Records Hacked by China in Massive Data Breach ...[89474 bytes skipped]... _in_Massive_Data_Breach/p"><span class="fa fa-play-circle-o transparent_class"></span></a> <img src="http://i.ytimg.com/vi/7G2IP_382x0/0.jpg" alt=""> <div class="vc-meta"> <p class="pull-right"></p> </div> </div> <a href="http://article.wn.com/view/2015/07/10/215_million_affected_by_US_government_data_breach_blames_Chi/videos">14 Million Government Employee Records Hacked by China in Massive Data Breach</a> </div> <div class="rvl-item"> <div class="video-thumb"> <a href="http://wn.com/Massive_Federal_Data_Breach_US_Suspects_Chinese_Hackers_in_China_Behind_Government_Data_Breach/p"><span class="fa fa-play-circle-o transparent_class"></span></a> <img src="http://i.ytimg.com/vi/5IQgVUw_yvA/0.jpg" alt=""> <div class="vc-meta"> <p class="pull-right"></p> </div> </div ...[105611 bytes skipped]... | ||
http://cdn9.wn.com/vp/m/cd/199f5ee0962d2242db980c5b26970b.js | 200 OK Content-Length: 128818 Content-Type: application/javascript | clean |
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/js/bootstrap.min.js | 200 OK Content-Length: 35601 Content-Type: text/javascript | clean |
http://bakugas.com/test404page.js | 404 Not Found Content-Length: 955 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bakugas.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache="set-cookie"
Connection: close
Date: Fri, 10 Jul 2015 20:46:06 GMT
Accept-Ranges: bytes
ETag: "5201b8-28445-51a8b721e4af0"
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 164933
Content-Type: text/html
Last-Modified: Fri, 10 Jul 2015 20:45:00 GMT
Set-Cookie: wnTrk=wn.1436561166.309730.wnstatic1.25383.10207; domain=.bakugas.com; expires=Fri, 01-Jan-2038 12:34:00 GMT
...164933 bytes of data.
GET / HTTP/1.1
Host: bakugas.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache="set-cookie"
Connection: close
Date: Fri, 10 Jul 2015 20:46:06 GMT
Accept-Ranges: bytes
ETag: "5201b8-28445-51a8b721e4af0"
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Length: 164933
Content-Type: text/html
Last-Modified: Fri, 10 Jul 2015 20:45:00 GMT
Set-Cookie: wnTrk=wn.1436561166.309730.wnstatic1.25383.10207; domain=.bakugas.com; expires=Fri, 01-Jan-2038 12:34:00 GMT
...164933 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bakugas.com
Referer: http://www.google.com/search?q=bakugas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bakugas.com
Referer: http://www.google.com/search?q=bakugas.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bakugas.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bakugas.com/
Result: bakugas.com is not infected or malware details are not published yet.
Result: bakugas.com is not infected or malware details are not published yet.