New scan:

Malware Scanner report for thetabloids.net

Malicious/Suspicious/Total urls checked
0/0/22
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/6
1 suspicious iframe found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by Zyb3r  (8 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://thetabloids.net/
200 OK
Content-Length: 17999
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 1x1     
src: http://www.youtube.com/embed/roorps_e-do?rel=0&autoplay=1&loop=1&playlist=roorps_e-do

<iframe width="1" height="1" src="http://www.youtube.com/embed/roorps_e-do?rel=0&autoplay=1&loop=1&playlist=roorps_e-do" frameborder="0" allowfullscreen>

Deface/Content modification. The following signature was found: Hacked by Zyb3r

...[160 bytes skipped]...
r/> <link rel="SHORTCUT ICON"
href="http://imageshack.com/a/img440/4273/6fix.png" type="image/x-icon" rel="icon">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title></title>
<script type="text/javascript">
function tb8_makeArray(n){
this.length = n;
return this.length;
}
tb8_messages = new tb8_makeArray(3);
tb8_messages[0] = "Hacked by Zyb3r";
tb8_messages[1] = "We Are BloodSec Hackers";
tb8_messages[2] = "Your database is safe";
tb8_messages[3] = "Please patch your security! ";
tb8_rptType = 'infinite';
tb8_rptNbr = 5;
tb8_speed = 100;
tb8_delay = 2000;
var tb8_counter=1;
var tb8_currMsg=0;
var tb8_tekst ="";
var tb8_i=0;
var tb8_TID = null;
function tb8_pisi(){
tb8_tekst = tb8_tekst + tb8_messages[tb8_currMsg].substring(tb8_i, tb8_i+1);
document.tit
...[19997 bytes skipped]...


http://hellox.persiangig.com/DefacePage/jquery-1.js
200 OK
Content-Length: 91669
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/cufon-yu.js
200 OK
Content-Length: 18258
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/Yanone_K.js
200 OK
Content-Length: 54966
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery00.js
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://hellox.persiangig.com/test404page.js
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Apr 2015 02:16:22 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4421
Content-Type: text/html; charset=UTF-8
Content-Control: private
X-Powered-By: PHP/5.3.6
clean
http://www.persiangig.com/
HTTP/1.1 302 Found
Connection: close
Date: Wed, 08 Apr 2015 02:16:22 GMT
Location: http://v.persiangig.com/
Server: Apache/2.2.15 (CentOS)
Content-Length: 292
Content-Type: text/html; charset=iso-8859-1
clean
http://v.persiangig.com/
HTTP/1.1 302 Found
Connection: close
Date: Wed, 08 Apr 2015 02:16:23 GMT
Location: http://cld.persiangig.com/home.html
Server: Apache/2.2.15 (CentOS)
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.3.6
clean
http://cld.persiangig.com/home.html
200 OK
Content-Length: 25293
Content-Type: text/html
clean
http://cld.persiangig.com/script/html5.js
200 OK
Content-Length: 2636
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Apr 2015 02:16:24 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4421
Content-Type: text/html; charset=UTF-8
Content-Control: private
X-Powered-By: PHP/5.3.6
clean
http://www.persiangig.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Wed, 08 Apr 2015 02:16:25 GMT
Location: http://v.persiangig.com/test404page.js
Server: Apache/2.2.15 (CentOS)
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1
clean
http://v.persiangig.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Wed, 08 Apr 2015 02:16:25 GMT
Location: http://www.persiangig.com/notfound/
Server: Apache/2.2.15 (CentOS)
Content-Length: 301
Content-Type: text/html; charset=iso-8859-1
clean
http://www.persiangig.com/notfound/
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://hellox.persiangig.com/script/simple-slider.min.js
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Apr 2015 02:16:30 GMT
Server: Microsoft-IIS/7.5
Content-Length: 4421
Content-Type: text/html; charset=UTF-8
Content-Control: private
X-Powered-By: PHP/5.3.6
clean
http://hellox.persiangig.com/DefacePage/jquery01.js
200 OK
Content-Length: 27151
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery02.js
200 OK
Content-Length: 6297
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery03.js
200 OK
Content-Length: 4824
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery04.js
200 OK
Content-Length: 2235
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery05.js
200 OK
Content-Length: 44500
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery06.js
200 OK
Content-Length: 4866
Content-Type: application/x-javascript
clean
http://hellox.persiangig.com/DefacePage/jquery07.js
200 OK
Content-Length: 3104
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: thetabloids.net

Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 08 Apr 2015 02:16:13 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.4.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: thetabloids.net
Referer: http://www.google.com/search?q=thetabloids.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=thetabloids.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thetabloids.net/

Result: thetabloids.net is not infected or malware details are not published yet.