Scanned pages/files
Request | Server response | Status |
http://mixfriendship.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 08 Apr 2014 13:46:05 GMT Pragma: no-cache Location: http://www.mixfriendship.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-7 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=69b95182b4ba0bbb7a2faf3b42c173a5; path=/ Set-Cookie: wpsc_customer_cookie_479b42e1b6110e7375070c488da6032d=_gwR09fM2%26HA8%7C1397137566%7Ca8a5fdff234b5039a750a233dfc6cd6a; expires=Thu, 10-Apr-2014 13:46:06 GMT; path=/; httponly X-Pingback: http://www.mixfriendship.com/xmlrpc.php X-Powered-By: PHP/5.3.27 | clean |
http://www.mixfriendship.com/ | 200 OK Content-Length: 19435 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: AIg-Verdana+ACI size+AD0AIg-5+ACIAPgA8-strong+AD4-Hacked By Harun787878 TurkHackTeam.Net+ADw-/strong ...[353 bytes skipped]... set="UTF-7" /> <meta name="viewport" content="width=device-width" /> <title>+ADw-/title+AD4APA-a href+AD0AIg-http://adf.ly/V7HWI/+ACIAPg-Contact+ADw-/a+AD4 +ADw-div align+AD0AIg-center+ACIAPg +ADw-br /+AD4 +ADw-br /+AD4 +ADw-p align+AD0AIg-center+ACIAPg +ADw-font color+AD0AIgAj-666666+ACI face+AD0AIg-Verdana+ACI size+AD0AIg-5+ACIAPgA8-strong+AD4-Hacked By Harun787878 TurkHackTeam.Net+ADw-/strong+AD4APA-/font+AD4APA-/p+AD4 +ADw-a href+AD0AIg-http://adf.ly/V7HWI/+ACIAPg-Contact+ADw-/a+AD4 +ADw-p align+AD0AIg-center+ACIAPg +ACY-nbsp+ADsAPA-/p+AD4 +ADw-p align+AD0AIg-center+ACIAPg +ACY-nbsp+ADsAPA-/p+AD4 +ADw-/div+AD4 +ADw-center+AD4 +ADw-font color+AD0AIgAj-B22222+ACI face+AD0AIg-Tahoma+ACI size+AD0AIg-2+ACIAPgA8-strong+AD4APA-font color+AD0AIgAj-B22222+ACI face+AD0AIg-Tahoma+ACI ...[20330 bytes skipped]... | ||
http://www.mixfriendship.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93128 Content-Type: application/javascript | clean |
http://www.mixfriendship.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.mixfriendship.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.12.1.55f8cfa0d7 | 200 OK Content-Length: 31068 Content-Type: application/javascript | clean |
http://www.mixfriendship.com/index.php?wpsc_user_dynamic_js=true&ver=3.8.12.1.55f8cfa0d7 | 200 OK Content-Length: 1035 Content-Type: text/javascript | clean |
http://www.mixfriendship.com/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://www.mixfriendship.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.12.155f8cfa0d7 | 200 OK Content-Length: 14672 Content-Type: application/javascript | clean |
http://www.mixfriendship.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201415 | 200 OK Content-Length: 9168 Content-Type: application/x-javascript | clean |
http://www.mixfriendship.com/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 | 200 OK Content-Length: 863 Content-Type: application/javascript | clean |
http://mixfriendship.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mixfriendship.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 08 Apr 2014 13:46:05 GMT
Pragma: no-cache
Location: http://www.mixfriendship.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=69b95182b4ba0bbb7a2faf3b42c173a5; path=/
Set-Cookie: wpsc_customer_cookie_479b42e1b6110e7375070c488da6032d=_gwR09fM2%26HA8%7C1397137566%7Ca8a5fdff234b5039a750a233dfc6cd6a; expires=Thu, 10-Apr-2014 13:46:06 GMT; path=/; httponly
X-Pingback: http://www.mixfriendship.com/xmlrpc.php
X-Powered-By: PHP/5.3.27
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mixfriendship.com
Referer: http://www.google.com/search?q=mixfriendship.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mixfriendship.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mixfriendship.com/
Result: mixfriendship.com is not infected or malware details are not published yet.