Scanned pages/files
Request | Server response | Status |
http://bapao.org/ | 200 OK Content-Length: 9889 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY : E ...[11435 bytes skipped]... t; <body style="color: #FFFFFF; background-color: #000000"> <center> <img src="http://i1354.photobucket.com/albums/q687/eprotocol/nicd2_zpsea45610d.gif"></center> <br> <EMBED SRC="http://a.tumblr.com/tumblr_lo98ww46C91qh5o20o1.mp3" AUTOSTART="TRUE" LOOP="TRUE" WIDTH="1" HEIGHT="1" ALIGN="CENTER"></EMBED> <h2> HACKED BY : E </h2> <h1>ZONE 404</h1> <h3> M Y A N M A R </h3> <div id="matrix" class="auto-style8">| J0T4N | B-FSS | E | 0MJ37 |</div> <h4>Message For Admin</h4> <h4>Use your brain before you make fucking mistakes</h4> <center> </body> </html> | ||
http://bapao.org/test404page.js | 404 Not Found Content-Length: 479 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bapao.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Aug 2014 07:56:20 GMT
Accept-Ranges: bytes
ETag: "1901cae-26a1-4fdf7fb01335b"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Length: 9889
Content-Type: text/html
Last-Modified: Sat, 12 Jul 2014 05:03:36 GMT
...9889 bytes of data.
GET / HTTP/1.1
Host: bapao.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 21 Aug 2014 07:56:20 GMT
Accept-Ranges: bytes
ETag: "1901cae-26a1-4fdf7fb01335b"
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_bwlimited/1.4 mod_perl/2.0.6 Perl/v5.10.1
Content-Length: 9889
Content-Type: text/html
Last-Modified: Sat, 12 Jul 2014 05:03:36 GMT
...9889 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bapao.org
Referer: http://www.google.com/search?q=bapao.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bapao.org
Referer: http://www.google.com/search?q=bapao.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bapao.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bapao.org/
Result: bapao.org is not infected or malware details are not published yet.
Result: bapao.org is not infected or malware details are not published yet.