Scanned pages/files
Request | Server response | Status |
http://ratchada115.com/ | 200 OK Content-Length: 53481 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: hacked by saeed afee ...[36685 bytes skipped]... ;td bgcolor="#E5E5E5" width="25%"><CENTER><B>วันที่</B></CENTER></td> </tr> <tr><td colspan="3" height=1 class="dotline"></td></tr> <tr height="20"><td bgcolor="#F0F0F0"><IMG SRC="images/icon/dok.gif" BORDER="0" ALIGN="absmiddle"> <B>00005 : </B> <A HREF="?name=webboard&file=read&id=5" target="_blank">hacked by saeed afee</A><FONT FACE="tahoma" COLOR="#808080">(73/0)</FONT></td> <td bgcolor="#F0F0F0" width="120"><CENTER><B><FONT COLOR="#6600FF"><IMG SRC="images/human.gif" BORDER="0" ALIGN="absmiddle"> <B><FONT COLOR="#FF0066">vjvjjhjjjjjhjhfghfds</FONT></B></CENTER></td> <td bgcolor="#F0F0F0" width="120"><CENTER><FONT COLOR="#339900">19 ส.ค. 2557 : 18:36</FONT></CENTE ...[31483 bytes skipped]... | ||
http://ratchada115.com/highslide/highslide.js | 200 OK Content-Length: 45234 Content-Type: application/javascript | clean |
http://ratchada115.com/highslide/highslide-html.js | 200 OK Content-Length: 13700 Content-Type: application/javascript | clean |
http://ratchada115.com/java.js | 200 OK Content-Length: 656 Content-Type: application/javascript | clean |
http://guru.sanook.com/gadget/gadget_tis620.js | 200 OK Content-Length: 227 Content-Type: text/javascript | clean |
http://ratchada115.com/modules/randomimg/contentslider.js | 200 OK Content-Length: 10732 Content-Type: application/javascript | clean |
http://ratchada115.com/index.php | 200 OK Content-Length: 53484 Content-Type: text/html | clean |
http://ratchada115.com/?name=news | 200 OK Content-Length: 33683 Content-Type: text/html | clean |
http://ratchada115.com/?name=knowledge | HTTP/1.1 200 OK Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Tue, 21 Oct 2014 05:08:08 GMT Pragma: no-cache Accept-Ranges: bytes Age: 0 Vary: Accept-Encoding,User-Agent Content-Length: 17892 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=j0d1or8r8h78mo3cn2lj7vr717; path=/ X-Backend: default X-Cache: MISS X-ID: 2003922840 X-Varnish-IP: 119.59.127.115 | clean |
http://ratchada115.com/index.php?name=member | 200 OK Content-Length: 43218 Content-Type: text/html | clean |
http://ratchada115.com/?name=gallery | 200 OK Content-Length: 20386 Content-Type: text/html | clean |
http://ratchada115.com/swfobject.js | 404 Not Found Content-Length: 483 Content-Type: text/html | clean |
http://ratchada115.com/test404page.js | 404 Not Found Content-Length: 485 Content-Type: text/html | clean |
http://ratchada115.com/?name=gbook | 200 OK Content-Length: 43148 Content-Type: text/html | clean |
http://ratchada115.com/?name=webboard | 200 OK Content-Length: 21315 Content-Type: text/html | clean |
http://ratchada115.com/?name=calendar | 200 OK Content-Length: 52421 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ratchada115.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 21 Oct 2014 05:07:58 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Length: 53481
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="NOI NID"
Set-Cookie: PHPSESSID=347bhs448k2uh2tqrpmpo0id15; path=/
Set-Cookie: gcount_unique=index; expires=Wed, 22-Oct-2014 05:07:57 GMT
X-Backend: default
X-Cache: MISS
X-ID: 2003922797
X-Varnish-IP: 119.59.127.115
...53481 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ratchada115.com
Referer: http://www.google.com/search?q=ratchada115.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ratchada115.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ratchada115.com/
Result: ratchada115.com is not infected or malware details are not published yet.