Scanned pages/files
Request | Server response | Status |
http://atrocitymuseum.org/ | 200 OK Content-Length: 300529 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by LogView7 ...[9279 bytes skipped]... " onorientationchange="resize()" onmousedown="context.fillStyle='rgba(0,0,0,'+opacity+')'" onmouseup="context.fillStyle='rgb(0,0,0)'"> <p class="STYLE1" id="message"> <font color="maroon">me@root:#</font><span class="STYLE11">./Message</span><br /> Sanjungan Jiwa stay in here !!<br /> <font color='red'><i>" Hacked by LogView7 "</i></font><br /><br /> <font color="maroon">Greet </font><span class="STYLE11">For My Friends: </span><br /> <font color="#475dde">Jje Incovers | ReC0ded | Topi Jerami | ViruzTomcat | ice-cream | Podol | AnakOrang | reg~X </font> <font color="#475dde"></font><font color="#475dde">Blitargetar | De4dly_PoiSon | eX-Sh1Ne | MrTieDie | Freezer22 | Ad ...[299373 bytes skipped]... | ||
http://atrocitymuseum.org/test404page.js | 200 OK Content-Length: 301437 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: atrocitymuseum.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 04 Jun 2015 03:55:02 GMT
Server: cloudflare-nginx
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
CF-RAY: 1f10b32990d605bb-ARN
Set-Cookie: __cfduid=ddde8f8bf43c90422090f00fcaf26fa621433390102; expires=Fri, 03-Jun-16 03:55:02 GMT; path=/; domain=.atrocitymuseum.org; HttpOnly
X-Powered-By: PHP/5.3.26
GET / HTTP/1.1
Host: atrocitymuseum.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 04 Jun 2015 03:55:02 GMT
Server: cloudflare-nginx
Vary: User-Agent,Accept-Encoding
Content-Type: text/html; charset=UTF-8
CF-RAY: 1f10b32990d605bb-ARN
Set-Cookie: __cfduid=ddde8f8bf43c90422090f00fcaf26fa621433390102; expires=Fri, 03-Jun-16 03:55:02 GMT; path=/; domain=.atrocitymuseum.org; HttpOnly
X-Powered-By: PHP/5.3.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: atrocitymuseum.org
Referer: http://www.google.com/search?q=atrocitymuseum.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: atrocitymuseum.org
Referer: http://www.google.com/search?q=atrocitymuseum.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=atrocitymuseum.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://atrocitymuseum.org/
Result: atrocitymuseum.org is not infected or malware details are not published yet.
Result: atrocitymuseum.org is not infected or malware details are not published yet.