Scanned pages/files
Request | Server response | Status |
http://coppersan.com/ | 200 OK Content-Length: 3235 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Black Worm ...[237 bytes skipped]... a.swf " type=video/mp3> </video> <script type="text/javascript"></script><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/><meta name="keywords" content="Black Worm"><meta name="description" content="Black Worm"><script type="text/javascript"></script><script type="text/javascript"></script></head><title>Hacked By Black Worm</title><style type="text/css">--></style></head><body><div align="center"><script language="JavaScript1.2"></script><html><title></title></head><body bgcolor=black><center><img width=800 src="http://s13.postimg.org/mald1mmyf/received_10153688628297796.jpg"></center><font size='6' face=' One'style="color: green; text-shadow: 0px 1px 7px red";>Hacked By AnonCoders</f ...[2769 bytes skipped]... | ||
http://coppersan.com/test404page.js | 200 OK Content-Length: 3235 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: coppersan.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Mar 2015 14:39:13 GMT
Server: Apache/2.0.54 (Fedora)
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: coppersan.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 08 Mar 2015 14:39:13 GMT
Server: Apache/2.0.54 (Fedora)
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: coppersan.com
Referer: http://www.google.com/search?q=coppersan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: coppersan.com
Referer: http://www.google.com/search?q=coppersan.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=coppersan.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://coppersan.com/
Result: coppersan.com is not infected or malware details are not published yet.
Result: coppersan.com is not infected or malware details are not published yet.