Scanned pages/files
| Request | Server response | Status |
http://thbwcgroup.com/ | 200 OK Content-Length: 41248 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Saeed0511 & Saeed.jok3r From Iran FaceBook.com/Saeed.0511 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"> <head profile="http://gmpg.org/xfn/11"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="pingback" href="http://thbwcgroup.com/xmlrpc.php" /> <title>Hacked By Saeed0511 ...[46824 bytes skipped]... | ||
http://thbwcgroup.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://thbwcgroup.com/wp-includes/js/jquery/jquery.js?ver=1.6.1 | 200 OK Content-Length: 91363 Content-Type: application/javascript | clean |
http://thbwcgroup.com/wp-content/themes/suffusion/scripts/suffusion.js?ver=3.8.3 | 200 OK Content-Length: 16294 Content-Type: application/javascript | clean |
http://static.ak.fbcdn.net/connect.php/js/FB.Share | 200 OK Content-Length: 172404 Content-Type: application/x-javascript | clean |
http://thbwcgroup.com/wp-content/plugins/tweetmeme/button.js | 200 OK Content-Length: 3779 Content-Type: application/javascript | clean |
http://thbwcgroup.com/overview/ | 200 OK Content-Length: 27966 Content-Type: text/html | clean |
http://thbwcgroup.com/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://thbwcgroup.com/contact-us/ | 200 OK Content-Length: 27314 Content-Type: text/html | clean |
http://thbwcgroup.com/category/general-information/ | 200 OK Content-Length: 34218 Content-Type: text/html | clean |
http://thbwcgroup.com/category/workplace-safety/ | 200 OK Content-Length: 40069 Content-Type: text/html | clean |
http://thbwcgroup.com/2011/10/17/five-tips-for-keeping-young-workers-safe/ | 200 OK Content-Length: 36808 Content-Type: text/html | clean |
http://thbwcgroup.com/author/jennifer/ | 200 OK Content-Length: 40531 Content-Type: text/html | clean |
http://thbwcgroup.com/2011/10/11/making-safety-a-universal-language/ | 200 OK Content-Length: 33221 Content-Type: text/html | clean |
http://thbwcgroup.com/2011/10/ | 200 OK Content-Length: 37903 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thbwcgroup.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Jun 2015 18:50:07 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
X-Pingback: http://thbwcgroup.com/xmlrpc.php
X-Powered-By: PHP/5.3.10
GET / HTTP/1.1
Host: thbwcgroup.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 25 Jun 2015 18:50:07 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=UTF-8
X-Pingback: http://thbwcgroup.com/xmlrpc.php
X-Powered-By: PHP/5.3.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: thbwcgroup.com
Referer: http://www.google.com/search?q=thbwcgroup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thbwcgroup.com
Referer: http://www.google.com/search?q=thbwcgroup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thbwcgroup.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thbwcgroup.com/
Result: thbwcgroup.com is not infected or malware details are not published yet.
Result: thbwcgroup.com is not infected or malware details are not published yet.