Scanned pages/files
Request | Server response | Status |
http://1ra.net/ | 200 OK Content-Length: 33234 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HacKeD bY MeX707 <html dir="rtl"> <head> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>HacKeD bY MeX707</title> <meta name="description" content="HacKeD bY MeX707"> <script type="text/javascript"> //<![CDATA[ try{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:"/cdn-cgi/nexp/dokv=abba2f56bd/"},atok:"d35e65297f7a93f24987252eca0ed88a",petok:"5a6a888a22d25dd9fc498eb32ab618b99d38ca8e-1402849847-1800",zone:"3asfh.net",rocket:"0",apps ...[38074 bytes skipped]... | ||
http://1ra.net/index.php/component/jbolo/?view=js&format=raw | 200 OK Content-Length: 33234 Content-Type: text/html | clean |
http://www.freaksnetwork.in/components/com_jbolo/js/jquery-1.7.2.min.js | 500 Can't connect to www.freaksnetwork.in:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.freaksnetwork.in/test404page.js | 500 Can't connect to www.freaksnetwork.in:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.freaksnetwork.in/components/com_jbolo/sound/soundmanager2.js | 500 Can't connect to www.freaksnetwork.in:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.freaksnetwork.in/components/com_jbolo/js/fb_chat.js | 500 Can't connect to www.freaksnetwork.in:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
http://www.freaksnetwork.in/components/com_jbolo/js/fbar.js | 500 Can't connect to www.freaksnetwork.in:80 (Bad hostname) Content-Length: 172 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1ra.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 11:23:46 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html
GET / HTTP/1.1
Host: 1ra.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 05 Sep 2014 11:23:46 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1ra.net
Referer: http://www.google.com/search?q=1ra.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 1ra.net
Referer: http://www.google.com/search?q=1ra.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1ra.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1ra.net/
Result: 1ra.net is not infected or malware details are not published yet.
Result: 1ra.net is not infected or malware details are not published yet.