Scanned pages/files
Request | Server response | Status |
http://kogradigrad.org/ | 200 OK Content-Length: 1450 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by ILLYRIAN Cyber Army - ICA-CR3W ...[947 bytes skipped]... ;title>#ICACR3W</title> <body bgcolor="black" text="dafunk"> <br> <br> <p align="center"><img src="http://ts3.mm.bing.net/th?id=hn.608014043448215617&pid=1.7"></p> <p align="center"> </p> <body> <div id="tool"> <H1 style="color: #000000; text-shadow: 0px 0px 1px #000000";text-align: center;>Hacked by ILLYRIAN Cyber Army - ICA-CR3W </H1> <body> <div id="tool"> <H2 style="color: #000000; text-shadow: 0px 0px 1px #000000";text-align: center;>- DribLeX - DarkDevil - Unisson - ToksidoHack -</H2> <body> <div id="tool"> <H3 style="color: #000000; text-shadow: 0px 0px 1px #000000";text-align: center;></H1> <iframe width="0" height="0" src="" frameborder="0" allowfullscreen></iframe> </center> | ||
http://kogradigrad.org/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kogradigrad.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 31 Jan 2015 03:10:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: kogradigrad.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 31 Jan 2015 03:10:27 GMT
Server: Apache/2.0.58 (Unix) DAV/2
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: kogradigrad.org
Referer: http://www.google.com/search?q=kogradigrad.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kogradigrad.org
Referer: http://www.google.com/search?q=kogradigrad.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kogradigrad.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kogradigrad.org/
Result: kogradigrad.org is not infected or malware details are not published yet.
Result: kogradigrad.org is not infected or malware details are not published yet.