Scanned pages/files
Request | Server response | Status |
http://beermugmafia.com/ | 200 OK Content-Length: 7439 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCked By ...[5157 bytes skipped]... 8000">.</font>SP!<font color="#FF0000">DeR</font></font><span style="font-weight: bold; color: gold;"><font size="2">☆★</font></span></div> <div id="bv_Text1" style="position:absolute;left:435px;top:47px;width:283px;height:18px;z-index:11" align="left"> <font style="font-size:16px" color="#FFFFFF" face="Courier New">HaCked By </font> <font style="font-size:16px" color="#FFFFFF">SuDaN SeCuR!Ty TeAM</font></div> <div id="bv_Marquee1" style="position:absolute;left:43px;top:47px;width:349px;height:17px;background-color:#000000;z-index:12" align="left"> <marquee direction="left" height="17" scrolldelay="90" scrollamount="6" behavior="scroll" loop="0" style="background-color:#000000;" id="Marquee1"><font style="font-size:16px" color="#FFFFFF" face="Cou ...[3326 bytes skipped]... | ||
http://beermugmafia.com/test404page.js | 404 Not Found Content-Length: 1812 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: beermugmafia.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Sat, 27 Sep 2014 09:54:18 GMT
Pragma: private
Server: Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bbsessionhash=1f0ce811c5924825310a1b3465ce1d17; path=/; HttpOnly
Set-Cookie: bblastvisit=1411811658; expires=Sun, 27-Sep-2015 09:54:18 GMT; path=/
Set-Cookie: bblastactivity=0; expires=Sun, 27-Sep-2015 09:54:18 GMT; path=/
X-Powered-By: PHP/5.2.17
X-UA-Compatible: IE=7
Second query (visit from search engine):
GET / HTTP/1.1
Host: beermugmafia.com
Referer: http://www.google.com/search?q=beermugmafia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=beermugmafia.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beermugmafia.com/
Result: beermugmafia.com is not infected or malware details are not published yet.