Scanned pages/files
Request | Server response | Status |
http://thehackerway.co/ | 200 OK Content-Length: 46856 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2f&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2f&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> Deface/Content modification. The following signature was found: . Hacked by ...[41665 bytes skipped]... </div> </div> <div class="clear"></div> </div> <div id="footer"> <div class="footer-center"><a href="http://thehackerway.co/rss">Subscribe via RSS</a>. Designed by <a href="http://www.sleepoversf.com/">Sleepover</a>. Hacked by <a href='http://about.me/brunobar79'>me</a></div> </div> </div> <script type="text/javascript"> //<![CDATA[ (function() { var links = document.getElementsByTagName('a'); var query = '?'; for(var i = 0; i < links.length; i++) { if(links[i].href.indexOf('#disqus_thread') ...[12274 bytes skipped]... | ||
http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=75ff60d174af47d7ea271d82d4fe1151 | 200 OK Content-Length: 3361 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.js | 200 OK Content-Length: 282766 Content-Type: text/javascript | clean |
http://assets.tumblr.com/assets/scripts/tumblelog.js?_v=a4169182721d644dacd145af89115b95 | 200 OK Content-Length: 44895 Content-Type: application/javascript | clean |
http://thehackerway.co//s3.amazonaws.com/opportunityco/proud/proud.js/ | 404 Not Found Content-Length: 30295 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2f%2fs3.amazonaws.com%2fopportunityco%2fproud%2fproud.js%2f&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2f%2fs3.amazonaws.com%2fopportunityco%2fproud%2fproud.js%2f&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://disqus.com/forums/thehackerway/embed.js | HTTP/1.1 302 Found Cache-Control: public, max-age=3600 Connection: close Date: Fri, 26 Jun 2015 23:46:09 GMT Accept-Ranges: bytes Location: https://thehackerway.disqus.com/embed.js Server: Varnish Content-Length: 0 | clean |
https://thehackerway.disqus.com/embed.js | HTTP/1.1 302 Found Cache-Control: public, max-age=3600 Connection: close Date: Fri, 26 Jun 2015 23:46:09 GMT Accept-Ranges: bytes Location: https://a.disquscdn.com/embed.js Server: Varnish Content-Length: 0 | clean |
https://a.disquscdn.com/embed.js | 200 OK Content-Length: 43475 Content-Type: application/javascript | clean |
http://assets.tumblr.com/assets/scripts/vendor/yahoo/rapid-3.29.js?_v=eba0b54ceda4a58e0c1ee32920e5bc09 | 200 OK Content-Length: 53393 Content-Type: application/javascript | clean |
http://assets.tumblr.com/assets/scripts/vendor/yahoo/rapidworker-1.2.js?_v=2c11d5915df4de9216a0aae5988fad84 | 200 OK Content-Length: 16395 Content-Type: application/javascript | clean |
http://thehackerway.co/rss | 200 OK Content-Length: 12184 Content-Type: text/xml | clean |
http://thehackerway.co/test404page.js | 404 Not Found Content-Length: 30094 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2ftest404page.js&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=0d37994445d67296c1c5ffea020e7fd9#src=http%3a%2f%2fthehackerway.co%2ftest404page.js&lang=en_us&name=brunobar79&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_910b94d8e4d3_64.png&title=the+hacker+way&url=http%3a%2f%2fthehackerway.co%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thehackerway.co
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Jun 2015 23:46:07 GMT
Vary: X-UA-Device
Content-Type: text/html; charset=utf-8
Link: <http://38.media.tumblr.com/avatar_910b94d8e4d3_128.png>; rel=icon
P3P: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Tumblr-Pixel: 2
X-Tumblr-Pixel-0: http://px.srvcs.tumblr.com/impixu?T=1435362367&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDpcL1wvdGhlaGFja2Vyd2F5LmNvXC8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6IlwvIn0=&U=KFEAIGPOFF&K=1b715bdf5c45015f32867173fe507dd3ab79d2eae7753ccc021a639723720d67--http://px.srvcs.tumblr.com/impixu?T=1435362367&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6XC9cL3RoZWhhY2tlcndheS5jb1wvIiwicmVxdHlwZSI6MCwicm91dGUiOiJcLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI0MTg1MDgxMzkzNyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIzNTM3OD
X-Tumblr-Pixel-1: E0ODIwMyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIyMTQwNTIxMjI1NiIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTc1MTE4Nzc4NSIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTY1MjMzODM0MCIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTY0OTYwODg4MyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM31dfQ==&U=BOJKIBPLII&K=7e214e82bcb7f4e253a0c57ffeb8271214102ff97cf0b917171c94a4e917c755
X-Tumblr-User: brunobar79
X-UA-Compatible: IE=Edge,chrome=1
X-UA-Device: desktop
GET / HTTP/1.1
Host: thehackerway.co
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Jun 2015 23:46:07 GMT
Vary: X-UA-Device
Content-Type: text/html; charset=utf-8
Link: <http://38.media.tumblr.com/avatar_910b94d8e4d3_128.png>; rel=icon
P3P: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Tumblr-Pixel: 2
X-Tumblr-Pixel-0: http://px.srvcs.tumblr.com/impixu?T=1435362367&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDpcL1wvdGhlaGFja2Vyd2F5LmNvXC8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6IlwvIn0=&U=KFEAIGPOFF&K=1b715bdf5c45015f32867173fe507dd3ab79d2eae7753ccc021a639723720d67--http://px.srvcs.tumblr.com/impixu?T=1435362367&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6XC9cL3RoZWhhY2tlcndheS5jb1wvIiwicmVxdHlwZSI6MCwicm91dGUiOiJcLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI0MTg1MDgxMzkzNyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIzNTM3OD
X-Tumblr-Pixel-1: E0ODIwMyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIyMTQwNTIxMjI1NiIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTc1MTE4Nzc4NSIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTY1MjMzODM0MCIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM30seyJwb3N0aWQiOiIxOTY0OTYwODg4MyIsImJsb2dpZCI6IjQ4OTU1NDc0Iiwic291cmNlIjozM31dfQ==&U=BOJKIBPLII&K=7e214e82bcb7f4e253a0c57ffeb8271214102ff97cf0b917171c94a4e917c755
X-Tumblr-User: brunobar79
X-UA-Compatible: IE=Edge,chrome=1
X-UA-Device: desktop
Second query (visit from search engine):
GET / HTTP/1.1
Host: thehackerway.co
Referer: http://www.google.com/search?q=thehackerway.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thehackerway.co
Referer: http://www.google.com/search?q=thehackerway.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thehackerway.co
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thehackerway.co/
Result: thehackerway.co is not infected or malware details are not published yet.
Result: thehackerway.co is not infected or malware details are not published yet.