Scanned pages/files
Request | Server response | Status |
http://hackingfacebook.net/ | 200 OK Content-Length: 17208 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Recent 5 Facebook accounts hacked by members: ...[15251 bytes skipped]... ref="payment.php" title="Western Union"><img src="http://s3.amazonaws.com/ox1vzsy33oao/westernunion.png" alt="Western Union" width="86" height="29"/></a> </span> <p><a href="payment.php" title="Payment methods" class="link">Payment information in details</a></p> </div> </div> </div> <div class="row"> <h2>Recent 5 Facebook accounts hacked by members:</h2> <marquee direction="left" scrollamount="7" behavior="scroll" onmouseover="stop()" onmouseout="start()"> <div class="message-blue center"><p>Click to view: <strong><a href="/facebook-account-hacked/770232849" title="View info about owner of this Facebook ID 770232849" target="_blank">Denise Fernandez</a></strong> <strong><a href="/facebook-account-hacked/10000624157700 ...[4961 bytes skipped]... | ||
http://hackingfacebook.net/hacking-service.php | 200 OK Content-Length: 19664 Content-Type: text/html | clean |
http://hackingfacebook.net/payment.php | 200 OK Content-Length: 12583 Content-Type: text/html | clean |
http://hackingfacebook.net/hacking-facebook-for-free.php | 200 OK Content-Length: 11243 Content-Type: text/html | clean |
http://hackingfacebook.net/testimonials-hack-facebook.php | 200 OK Content-Length: 14977 Content-Type: text/html | clean |
http://hackingfacebook.net/faq.php | 200 OK Content-Length: 18924 Content-Type: text/html | clean |
http://hackingfacebook.net/login.php | 200 OK Content-Length: 11451 Content-Type: text/html | clean |
http://hackingfacebook.net/signup.php | 200 OK Content-Length: 12190 Content-Type: text/html | clean |
http://hackingfacebook.net/../widget/?_ts=1436057723&return_to=http%3A%2F%2Fhackingfacebook.net%2Fsignup.php | 400 Bad Request Content-Length: 177 Content-Type: text/html | clean |
http://hackingfacebook.net/test404page.js | HTTP/1.1 302 Found Cache-Control: public, max-age=2678400 Connection: close Date: Sun, 05 Jul 2015 00:55:22 GMT Location: / Server: cloudflare-nginx Content-Language: en-US Content-Type: text/html; charset=UTF-8 Expires: Wed, 05 Aug 2015 00:55:22 GMT CF-Cache-Status: MISS CF-RAY: 200f1a9b9c7205c9-WAW Set-Cookie: __cfduid=d4d66494a3eca5982d9bb7c44a45d60681436057722; expires=Mon, 04-Jul-16 00:55:22 GMT; path=/; domain=.hackingfacebook.net; HttpOnly Status: 404 Not Found X-Powered-By: PHP/5.4.3 | clean |
http://hackingfacebook.net/contact.php | 200 OK Content-Length: 12654 Content-Type: text/html | clean |
http://hackingfacebook.net/hacking.php | 200 OK Content-Length: 10860 Content-Type: text/html | clean |
http://hackingfacebook.net/rss.php?url=http://hackingfacebook.net/hacking.php | 200 OK Content-Length: 736 Content-Type: text/xml | clean |
http://hackingfacebook.net/facebook-account-hacked.php?p=1 | 200 OK Content-Length: 19208 Content-Type: text/html | clean |
http://hackingfacebook.net/facebook-account-hacked/231726420265559 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 05 Jul 2015 00:55:29 GMT Pragma: no-cache Location: /hack-facebook-password.php Server: cloudflare-nginx Vary: User-Agent Content-Language: en-US Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT CF-RAY: 200f1ac271f70afc-WAW Set-Cookie: __cfduid=d3fa3ba964630477363b93dc5161902901436057728; expires=Mon, 04-Jul-16 00:55:28 GMT; path=/; domain=.hackingfacebook.net; HttpOnly Set-Cookie: PHPSESSID=ecnjtdk84jb9q4ceb8t93q50g2; path=/ X-Powered-By: PHP/5.4.3 | clean |
http://hackingfacebook.net/hack-facebook-password.php | 200 OK Content-Length: 15067 Content-Type: text/html | clean |
http://hackingfacebook.net/rss.php?url=http://hackingfacebook.net/hack-facebook-password.php | 200 OK Content-Length: 1015 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hackingfacebook.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Jul 2015 00:55:11 GMT
Pragma: no-cache
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
CF-RAY: 200f1a4e103c0af0-WAW
Set-Cookie: __cfduid=dca8c25476ff6422a5e79e4ed764ca5cf1436057709; expires=Mon, 04-Jul-16 00:55:09 GMT; path=/; domain=.hackingfacebook.net; HttpOnly
Set-Cookie: PHPSESSID=d074jtsi28vgdcc6t2ud52t0g5; path=/
X-Powered-By: PHP/5.4.3
GET / HTTP/1.1
Host: hackingfacebook.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 05 Jul 2015 00:55:11 GMT
Pragma: no-cache
Server: cloudflare-nginx
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
CF-RAY: 200f1a4e103c0af0-WAW
Set-Cookie: __cfduid=dca8c25476ff6422a5e79e4ed764ca5cf1436057709; expires=Mon, 04-Jul-16 00:55:09 GMT; path=/; domain=.hackingfacebook.net; HttpOnly
Set-Cookie: PHPSESSID=d074jtsi28vgdcc6t2ud52t0g5; path=/
X-Powered-By: PHP/5.4.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: hackingfacebook.net
Referer: http://www.google.com/search?q=hackingfacebook.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hackingfacebook.net
Referer: http://www.google.com/search?q=hackingfacebook.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hackingfacebook.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hackingfacebook.net/
Result: hackingfacebook.net is not infected or malware details are not published yet.
Result: hackingfacebook.net is not infected or malware details are not published yet.