Scanned pages/files
Request | Server response | Status |
http://ultimatebreweries.com/ | 200 OK Content-Length: 17144 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ceo (mcgbg) turkhackteam.net <html> <title> T.Y.H.T </title> <body> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Hacked By Ceo (mcgbg) turkhackteam.net</title> <script type="text/javascript" SRC="http://www.sezerguven.com/ceo/js/jquery-1.11.1.min.js"></script> <script type="text/javascript" SRC="http://www.sezerguven.com/ceo/js/jquery.vibrate.js"></script> <script type="text/javascript" SRC="http://www.sezerguven.com/ceo/js/jquery.jticker.js"></script> <style type="text/css"> </style> <div ...[19378 bytes skipped]...
http://www.sezerguven.com/ceo/js/jquery-1.11.1.min.js | 200 OK Content-Length: 7279 Content-Type: text/html | clean |
http://code.jquery.com/jquery-latest.min.js | 200 OK Content-Length: 95786 Content-Type: application/x-javascript | clean |
http://www.sezerguven.com/js/standard.js?rte=1&tm=2&dn=sezerguven.com&tid=1020 | 200 OK Content-Length: 1297 Content-Type: text/javascript | clean |
http://www.sezerguven.com/js/google_caf.js?rte=1&tm=2&dn=sezerguven.com&tid=1020 | 200 OK Content-Length: 9155 Content-Type: text/javascript | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 258 Content-Type: text/javascript | clean |
http://www.sezerguven.com/renewal.aspx | 200 OK Content-Length: 1716 Content-Type: text/html | clean |
http://www.sezerguven.com/test404page.js | 200 OK Content-Length: 7264 Content-Type: text/html | clean |
http://www.sezerguven.com/ceo/js/jquery.vibrate.js | 200 OK Content-Length: 7275 Content-Type: text/html | clean |
http://www.sezerguven.com/ceo/js/jquery.jticker.js | 200 OK Content-Length: 7275 Content-Type: text/html | clean |
http://ultimatebreweries.com/renewal.aspx | 200 OK Content-Length: 17144 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ultimatebreweries.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 03:26:09 GMT
Server: nginx/1.6.2
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: ultimatebreweries.com
Referer: http://www.google.com/search?q=ultimatebreweries.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ultimatebreweries.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ultimatebreweries.com/
Result: ultimatebreweries.com is not infected or malware details are not published yet.