Scanned pages/files
Request | Server response | Status |
http://acbk.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 18 Jul 2015 04:10:05 GMT Location: http://acbk.org/tcc.php Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Set-Cookie: startBAK=R3415743754; path=/; expires=Sat, 18-Jul-2015 05:25:18 GMT Set-Cookie: start=R118998673; path=/; expires=Sat, 18-Jul-2015 05:28:28 GMT X-Cacheable: Not cacheable: no cache headers from backend X-Geo: varn24.rbx5 X-Geo-Port: 1014 | clean |
http://acbk.org/tcc.php | 200 OK Content-Length: 10413 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/videoseries?list=pl3e6316c123cfc160&hl=en_us&autoplay=1&loop=1&index= <iframe width="1" height="1" src="http://www.youtube.com/embed/videoseries?list=pl3e6316c123cfc160&hl=en_us&autoplay=1&loop=1&index='+ct[0]+'" frameborder="0"> Deface/Content modification. The following signature was found: Hacked by Team_CC <!doctype html>
<html> <head> <meta charset=utf-8> <title>Hacked by Team_CC</title> <style>.matrix{padding-left:30px}.out{-webkit-animation-name:out;-webkit-animation-duration:1s;-webkit-animation-iteration-count:1;animation-name:out;animation-duration:1s}.in{-webkit-animation-name:in;-webkit-animation-duration:1s;-webkit-animation-iteration-count:1;animation-name:in;animation-duration:1s}@-webkit-keyframes in{0%{right:-200px}100%{right:0}}@keyframes in{0%{right:-200px}100%{right:0}}@-we ...[10890 bytes skipped]... | ||
http://acbk.org/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 18 Jul 2015 04:10:06 GMT Location: http://acbk.org/tcc.php Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 Set-Cookie: startBAK=R3415777513; path=/; expires=Sat, 18-Jul-2015 05:21:05 GMT Set-Cookie: start=R118998673; path=/; expires=Sat, 18-Jul-2015 05:19:14 GMT X-Cacheable: Not cacheable: no cache headers from backend X-Geo: varn24.rbx5 X-Geo-Port: 1014 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: acbk.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 18 Jul 2015 04:10:05 GMT
Location: http://acbk.org/tcc.php
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: startBAK=R3415743754; path=/; expires=Sat, 18-Jul-2015 05:25:18 GMT
Set-Cookie: start=R118998673; path=/; expires=Sat, 18-Jul-2015 05:28:28 GMT
X-Cacheable: Not cacheable: no cache headers from backend
X-Geo: varn24.rbx5
X-Geo-Port: 1014
GET / HTTP/1.1
Host: acbk.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 18 Jul 2015 04:10:05 GMT
Location: http://acbk.org/tcc.php
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: startBAK=R3415743754; path=/; expires=Sat, 18-Jul-2015 05:25:18 GMT
Set-Cookie: start=R118998673; path=/; expires=Sat, 18-Jul-2015 05:28:28 GMT
X-Cacheable: Not cacheable: no cache headers from backend
X-Geo: varn24.rbx5
X-Geo-Port: 1014
Second query (visit from search engine):
GET / HTTP/1.1
Host: acbk.org
Referer: http://www.google.com/search?q=acbk.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: acbk.org
Referer: http://www.google.com/search?q=acbk.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=acbk.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://acbk.org/
Result: acbk.org is not infected or malware details are not published yet.
Result: acbk.org is not infected or malware details are not published yet.