New scan:

Malware Scanner report for rahegroup.com

Malicious/Suspicious/Total urls checked
1/0/3
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By KING_HAXOR   (45 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://rahegroup.com/
200 OK
Content-Length: 4536
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js" type="text/javascript"> <link rel="shortcut icon" type="image/png" href="http://www.pakconsulatebcn.com/images/Pakistani%20Flag-animated.gif"/> <body onload="teclear();"oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'><table width="423" border="0" align="center" cellpadding="0" cellspacing="0"> <title>Hacked By KING_HAXOR </title> <div id="click
... 228 bytes are skipped ...
n"> <iframe src="http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/KinGHaxoROfficial&amp;layout=button_count&amp;show_faces=false&amp;width=50&amp;action=like&amp;colorscheme=light&amp;height=21" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:45px; left:-19px; height:21px; z-index: 0; position: relative;" allowTransparency="true"></iframe> <script src="Embs/l.js" charset="UTF-8" type="text/javascript">

Antivirus reports:

Avast
JS:Clickjack-Y [Trj]

Deface/Content modification. The following signature was found: Hacked By KING_HAXOR

...[167 bytes skipped]...
x.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js" type="text/javascript"> <link rel="shortcut icon" type="image/png" href="http://www.pakconsulatebcn.com/images/Pakistani%20Flag-animated.gif"/> <body onload="teclear();"oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'><table width="423" border="0" align="center" cellpadding="0" cellspacing="0"> <title>Hacked By KING_HAXOR </title> <div id="clickjack-button-wrapper-5" style="position: absolute; opacity: 0; filter: alpha(opacity = 0); -ms-filter:'progid:DXImageTransform.Microsoft.Alpha(Opacity=0)'; margin-left: -50px; z-index: 100; width:27px; height:20px; overflow:hidden"> <iframe src="http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/KinGHaxoROfficial&amp;layout=button_count&amp;show_faces=false&amp;width=50&amp;action=like&amp;colo
...[4086 bytes skipped]...


http://rahegroup.com/test404page.js
404 Not Found
Content-Length: 497
Content-Type: text/html
clean
http://cdn.dsultra.com/js/registrar.js
200 OK
Content-Length: 1688
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rahegroup.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Apr 2015 06:24:14 GMT
Accept-Ranges: bytes
ETag: "17c02a-11b8-5008c1547c600"
Server: Apache
Content-Length: 4536
Content-Type: text/html
Last-Modified: Thu, 14 Aug 2014 00:35:36 GMT

...4536 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rahegroup.com
Referer: http://www.google.com/search?q=rahegroup.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rahegroup.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rahegroup.com/

Result: rahegroup.com is not infected or malware details are not published yet.