Scanned pages/files
Request | Server response | Status |
http://cooperthomas.net/ | 200 OK Content-Length: 552 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By MR . HOSSEIN
<!DOCTYPE html>
<html><head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <title>Hacked By MR . HOSSEIN</title> </head>
<body bgcolor="#000000"> <center>
<p style="font-size: 50px; color: #FFF;">! Hacked By MR . HOSSEIN !</p>
<p style="font-size: 45px; color: #FFF;">! Security IS LOW !</p>
<p style="font-size: 45px; color: #FFF;">! And We Are Iranian HackerS !</p>
<p style="font-size: 36px; color: #FFF;"> hossein.blackhat@gmail.com </p>
<p style="font-size: 36px; color: #FFF;">
http://cooperthomas.net/test404page.js | 404 Not Found Content-Length: 15369 Content-Type: text/html | clean |
http://cooper-thomas.com/wp-content/cache/minify/000000/M9bPKixNLarUMYYydHMz04sSS1L1cjPzAA.js?223e5e | 200 OK Content-Length: 103122 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cooperthomas.net
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600, public
Connection: close
Date: Thu, 29 Jan 2015 02:36:33 GMT
Pragma: public
Accept-Ranges: bytes
ETag: "228-50db4db859380"
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Length: 552
Content-Type: text/html
Expires: Thu, 29 Jan 2015 03:36:33 GMT
Last-Modified: Wed, 28 Jan 2015 11:41:51 GMT
...552 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cooperthomas.net
Referer: http://www.google.com/search?q=cooperthomas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cooperthomas.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cooperthomas.net/
Result: cooperthomas.net is not infected or malware details are not published yet.