Scanned pages/files
Request | Server response | Status |
http://khg-cr3w.org/ | 200 OK Content-Length: 118615 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2f&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2f&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=4407ac63b04a974114891da19b333539 | 200 OK Content-Length: 3361 Content-Type: application/javascript | clean |
http://static.tumblr.com/x0ukhl9/fOqlwlc36/modernizr.custom.08999.js | 200 OK Content-Length: 6420 Content-Type: text/javascript | clean |
http://assets.tumblr.com/assets/scripts/tumblelog.js?_v=454fc1618d865ba96c0749de3c9277c9 | 200 OK Content-Length: 44937 Content-Type: application/javascript | clean |
http://khg-cr3w.org//ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js/ | 404 Not Found Content-Length: 26943 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2f%2fajax.googleapis.com%2fajax%2flibs%2fjquery%2f1.6.4%2fjquery.min.js%2f&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2f%2fajax.googleapis.com%2fajax%2flibs%2fjquery%2f1.6.4%2fjquery.min.js%2f&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://static.tumblr.com/x0ukhl9/NX8lwlc8w/jquery.killphotoset.js | 200 OK Content-Length: 2094 Content-Type: text/javascript | clean |
http://static.tumblr.com/x0ukhl9/NjTlwlcaq/jquery.fancybox.pack.js | 200 OK Content-Length: 15816 Content-Type: text/javascript | clean |
http://static.tumblr.com/x0ukhl9/QnBm0lso9/script-lite.js | 200 OK Content-Length: 5468 Content-Type: text/javascript | clean |
http://khg-cr3w.org/contact | 200 OK Content-Length: 27689 Content-Type: text/html | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jqueryui/1.7.2/jquery-ui.min.js | 200 OK Content-Length: 186181 Content-Type: text/javascript | clean |
http://www.emailmeform.com/builder/js/dynamic.php?t=post&t2=0&use_CDN=true | 200 OK Content-Length: 205756 Content-Type: application/x-javascript | clean |
http://khg-cr3w.org/team | 200 OK Content-Length: 28160 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2fteam&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2fteam&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://khg-cr3w.org/logos | 200 OK Content-Length: 27048 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2flogos&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide <iframe scrolling="no" frameborder="0" src="http://assets.tumblr.com/assets/html/iframe/teaser.html?_v=45631c19c03dbcf0e4dc673313d6c70d#src=http%3a%2f%2fkhg-cr3w.org%2flogos&lang=en_us&name=khgcr3w&brag=false&avatar=http%3a%2f%2f38.media.tumblr.com%2favatar_1120196d83cd_64.png&title=kosova+hackers+group&url=http%3a%2f%2fkhg-cr3w.org%2f&page_slide=slide" id="teaser_iframe" width="1" height="1"> | ||
http://khg-cr3w.org/portfolio | 200 OK Content-Length: 26920 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: khg-cr3w.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 30 Nov 2015 22:13:42 GMT
Vary: X-UA-Device
Content-Type: text/html; charset=utf-8
Link: <http://31.media.tumblr.com/avatar_1120196d83cd_128.png>; rel=icon
P3P: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Tumblr-Pixel: 4
X-Tumblr-User: khgcr3w
X-UA-Compatible: IE=Edge,chrome=1
X-UA-Device: desktop
Second query (visit from search engine):
GET / HTTP/1.1
Host: khg-cr3w.org
Referer: http://www.google.com/search?q=khg-cr3w.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=khg-cr3w.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://khg-cr3w.org/
Result: khg-cr3w.org is not infected or malware details are not published yet.