Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kltforums.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 01:25:04 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
Set-Cookie: kltsession_id=8f09d65e87c650d6436e2019deb0fcda; path=/; domain=.kltforums.net
X-Powered-By: PHP/5.3.10
GET / HTTP/1.1
Host: kltforums.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Apr 2014 01:25:04 GMT
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
Set-Cookie: kltsession_id=8f09d65e87c650d6436e2019deb0fcda; path=/; domain=.kltforums.net
X-Powered-By: PHP/5.3.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: kltforums.net
Referer: http://www.google.com/search?q=kltforums.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kltforums.net
Referer: http://www.google.com/search?q=kltforums.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://kltforums.net/ | 200 OK Content-Length: 70217 Content-Type: text/html | clean |
http://kltforums.net/jscripts/spoiler.js | 200 OK Content-Length: 444 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/ipb_global.js | 200 OK Content-Length: 21300 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/ips_menu.js | 200 OK Content-Length: 10349 Content-Type: application/x-javascript | clean |
http://kltforums.net/style_images/1/folder_js_skin/ips_menu_html.js | 200 OK Content-Length: 2883 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/ips_xmlhttprequest.js | 200 OK Content-Length: 8255 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/ipb_global_xmlenhanced.js | 200 OK Content-Length: 9733 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/dom-drag.js | 200 OK Content-Length: 6333 Content-Type: application/x-javascript | clean |
http://kltforums.net/jscripts/ipb_board.js | 200 OK Content-Length: 1907 Content-Type: application/x-javascript | clean |
http://kltforums.net/lofiversion/index.php | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
http://kltforums.net/lofiversion/./ | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
http://kltforums.net/lofiversion/././ | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
http://kltforums.net/lofiversion/./././ | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
http://kltforums.net/lofiversion/././././ | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
http://kltforums.net/lofiversion/./././././ | 200 OK Content-Length: 4556 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kltforums.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kltforums.net/
Result: kltforums.net is not infected or malware details are not published yet.
Result: kltforums.net is not infected or malware details are not published yet.