Scanned pages/files
Request | Server response | Status |
http://thekbf.com/ | 200 OK Content-Length: 9840 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HackeD BY Moroccan Hackers Pro <html><head><style type='text/css'>.AFhss_dpnone{display:none;width:0;height:0}</style><link rel="SHORTCUT ICON" href="http://s.myniceprofile.com/myspacepic/1/th/152.gif">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <title> HackeD BY Moroccan Hackers Pro</title> <body bgcolor="black" background="http://www.userlogos.org/files/backgrounds/macleod.mac/bg.jpg"> <div id="AFhss_dfs"class="AFhss_dpnone"><div id="AFhss_adrp3"class="AFhss_dpnone"></div><div id="AFhss_adrp4"class="AFhss_dpnone"></div><div id="AFhss_adrp5"class="AFhss_dpnone"></div><div id="AFhss_adrp6"class="AFhss_dpnone"></div><di ...[11322 bytes skipped]... | ||
http://thekbf.com/media/system/js/mootools-core.js | 200 OK Content-Length: 88540 Content-Type: application/javascript | clean |
http://thekbf.com/media/system/js/core.js | 200 OK Content-Length: 4225 Content-Type: application/javascript | clean |
http://thekbf.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238128 Content-Type: application/javascript | clean |
http://mccutchenfamily.info//components/com_gcalendar/libraries/jquery/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 19 Dec 2015 00:12:36 GMT Pragma: no-cache Location: http://www.mccutchenfamily.info/components/com_gcalendar/libraries/jquery/jquery.min.js/ Server: nginx Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Ngpass_ngall: 1 Set-Cookie: ct_cookies_test=e0d8a81f6f91f65a7a512adf3eab8ff6; path=/ Set-Cookie: wptouch_customizer_use=desktop; path=/ Set-Cookie: PHPSESSID=2d72daa74bda8650cdac24e8d4f92cce; path=/ | clean |
http://www.mccutchenfamily.info/components/com_gcalendar/libraries/jquery/jquery.min.js/ | 404 Not Found Content-Length: 30595 Content-Type: text/html | clean |
http://www.mccutchenfamily.info/wp-includes/js/jquery/jquery.js?ver=1.11.3 | 200 OK Content-Length: 95977 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-content/plugins/cleantalk-spam-protect/inc/cleantalk_nocache.js?random=5.33.1 | 200 OK Content-Length: 5831 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-content/plugins/jetpack/modules/photon/photon.js?ver=20130122 | 200 OK Content-Length: 1378 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-content/themes/newsy/themify/themify-builder/js/themify.builder.module.plugins.js?ver=2.4.5 | 200 OK Content-Length: 4174 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-content/themes/newsy/themify/js/lightbox.js?ver=2.4.5 | 200 OK Content-Length: 21780 Content-Type: application/javascript | clean |
http://www.mccutchenfamily.info/wp-content/themes/newsy/themify/js/main.js?ver=2.4.5 | 200 OK Content-Length: 15623 Content-Type: application/javascript | clean |
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201551 | 200 OK Content-Length: 10372 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2015Decaa | 200 OK Content-Length: 20650 Content-Type: application/x-javascript | clean |
http://www.mccutchenfamily.info/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.4 | 200 OK Content-Length: 1015 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thekbf.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 19 Dec 2015 00:12:31 GMT
Accept-Ranges: bytes
ETag: "2670-4dceaa191fd80"
Server: Apache
Content-Length: 9840
Content-Type: text/html
Last-Modified: Fri, 17 May 2013 14:16:38 GMT
...9840 bytes of data.
GET / HTTP/1.1
Host: thekbf.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 19 Dec 2015 00:12:31 GMT
Accept-Ranges: bytes
ETag: "2670-4dceaa191fd80"
Server: Apache
Content-Length: 9840
Content-Type: text/html
Last-Modified: Fri, 17 May 2013 14:16:38 GMT
...9840 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thekbf.com
Referer: http://www.google.com/search?q=thekbf.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thekbf.com
Referer: http://www.google.com/search?q=thekbf.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thekbf.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thekbf.com/
Result: thekbf.com is not infected or malware details are not published yet.
Result: thekbf.com is not infected or malware details are not published yet.