Scanned pages/files
| Request | Server response | Status |
http://kentuckyrepackaging.com/ | 200 OK Content-Length: 10083 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by ahor4 ...[9186 bytes skipped]... ial size=2><br><center> <FONT size="2"><FONT face="arial, helvetica, sans-serif" color="#000000"></b> <center><table id="mainContent" cellpadding=10 cellspacing=0 width=560 HEIGHT=200 style="border: 0px solid #000000;"><tr><td> <html><head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title>hacked by ahor4</title> <style type="text/css"> <!-- .style1 { color: #FFFFFF; font-family: Arial, Helvetica, sans-serif; font-size: 18px; } .style4 {font-size: 12px} a:link { color: #FF0000; text-decoration: none; } a:visited { text-decoration: none; } a:hover { text-decoration: none; } a:active { text-decoration: none; } .style5 {color: #FF0000} --> ...[2279 bytes skipped]... | ||
http://kentuckyrepackaging.com/../scripts/highlight.js | 400 Bad Request Content-Length: 509 Content-Type: text/html | clean |
http://kentuckyrepackaging.com/test404page.js | 404 Not Found Content-Length: 493 Content-Type: text/html | clean |
http://kentuckyrepackaging.com/AC_RunActiveContent.js | 404 Not Found Content-Length: 501 Content-Type: text/html | clean |
http://kentuckyrepackaging.com/js/prototype.js | 404 Not Found Content-Length: 494 Content-Type: text/html | clean |
http://kentuckyrepackaging.com/js/scriptaculous.js?load=effects,builder | 404 Not Found Content-Length: 519 Content-Type: text/html | clean |
http://kentuckyrepackaging.com/js/lightbox.js | 404 Not Found Content-Length: 493 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kentuckyrepackaging.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 25 Jul 2015 09:21:11 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=79659227dc14dd40744c4be85e716b3e; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: kentuckyrepackaging.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 25 Jul 2015 09:21:11 GMT
Pragma: no-cache
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=79659227dc14dd40744c4be85e716b3e; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: kentuckyrepackaging.com
Referer: http://www.google.com/search?q=kentuckyrepackaging.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kentuckyrepackaging.com
Referer: http://www.google.com/search?q=kentuckyrepackaging.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kentuckyrepackaging.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kentuckyrepackaging.com/
Result: kentuckyrepackaging.com is not infected or malware details are not published yet.
Result: kentuckyrepackaging.com is not infected or malware details are not published yet.