Scanned pages/files
Request | Server response | Status |
http://kucatim.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 15 May 2015 15:42:55 GMT Location: http://www.kucatim.com/ Server: nginx admin Content-Length: 0 Content-Type: text/html; charset=UTF-7 X-Cache: HIT from Backend X-Pingback: http://www.kucatim.com/xmlrpc.php X-Powered-By: PHP/5.3.29 | clean |
http://www.kucatim.com/ | 200 OK Content-Length: 56998 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-meta name+AD0AIg-keywords+ACI content+AD0AIg-HaCkeD By : Fallag Iheb +ACY Fallag XDroges +ACI ...[2883 bytes skipped]... +ADsAJgAj-9480+ADsAJgAj-9480+ADsAJgAj-39+ADs)+ADs-return false+ADsAIg onkeydown+AD0AIg-return false+ADsAIgA+ +ADw-p align+AD0AIg-center+ACIAPgAmACM-65279+ADsAJgAj-65279+ADs +ADwAIQ-DOCTYPE HTML PUBLIC +ACI--//W3C//DTD HTML 4.01 Transitional//EN+ACIAPg +ADw-html+AD4APA-head+AD4 +ADw-meta http-equiv+AD0AIg-Content-Language+ACI content+AD0AIg-en-us+ACIAPg +ADw-meta name+AD0AIg-keywords+ACI content+AD0AIg-HaCkeD By : Fallag Iheb +ACY Fallag XDroges +ACIAPg +ADw-meta name+AD0AIg-description+ACI content+AD0AIg-HaCkeD By : Fallag Iheb +ACY Fallag XDroges +ACIAPgA8-title+AD4.Hacked By Fallag Iheb +ACY Fallag XDroges +ADw-/title+AD4 +ADw-style+AD4 +ADwAIQ--- +ACoAew-padding: 0px+ADs-margin: 0px+ADsAfQ .style68 +AHs color: +ACM-FFFFFF+ADs +AH0 .style69 +AHs color: +ACM-CC0000+ADs +AH0 --+AD4 +ADw-/style+AD4 +ADw-scrip ...[58036 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 200 OK Content-Length: 93868 Content-Type: text/javascript | clean |
http://www.kucatim.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/tinynav/js/tinynav.min.js | 200 OK Content-Length: 644 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/j-shortcodes/js/jay.js | 200 OK Content-Length: 3460 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/j-shortcodes/galleryview/js/jquery.easing.1.3.js | 200 OK Content-Length: 8301 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/j-shortcodes/galleryview/js/jquery.timers-1.2.js | 200 OK Content-Length: 3338 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/j-shortcodes/galleryview/js/jquery.galleryview-3.0.min.js | 200 OK Content-Length: 24998 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2 | 200 OK Content-Length: 4693 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2 | 200 OK Content-Length: 6759 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2 | 200 OK Content-Length: 18572 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2 | 200 OK Content-Length: 10454 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3 | 200 OK Content-Length: 9986 Content-Type: application/javascript | clean |
http://www.kucatim.com/wp-content/themes/kucatim/javascripts/foundation.min.js?ver=1.0 | 200 OK Content-Length: 167826 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kucatim.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 15 May 2015 15:42:55 GMT
Location: http://www.kucatim.com/
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=UTF-7
X-Cache: HIT from Backend
X-Pingback: http://www.kucatim.com/xmlrpc.php
X-Powered-By: PHP/5.3.29
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kucatim.com
Referer: http://www.google.com/search?q=kucatim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kucatim.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kucatim.com/
Result: kucatim.com is not infected or malware details are not published yet.