Scanned pages/files
Request | Server response | Status |
http://literacysa.org/ | 200 OK Content-Length: 6500 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by pagolmoon3 ...[5242 bytes skipped]... er">Hacked</h1> <article id="node-10243" class="node node-page clearfix"> <header> </header> <div class="field field-name-body field-type-text-with-summary field-label-hidden"><div class="field-items"><div class="field-item even"><html> <head> <title>Hacked by pagolmoon3</title> <meta http-equiv="Content-Type" content="text/html; charset=utf8" /> <meta name="Author" content="pagolmoon3"/> <meta name="copyright" content="3xp1r3 Cyber Army"/> <meta name="description" content="A List of Geniuses"/> <meta name="keywords" content="pagolmoon3, Hacked By pagol, 3xp1r3 Cyber Army"/> <meta name="robots" content="ARCHIVE"/> <meta name="revisit" content="1 day"/> <met ...[1751 bytes skipped]... | ||
http://code.jquery.com/jquery-1.7.1.js | 200 OK Content-Length: 248235 Content-Type: application/javascript | clean |
http://literacysa.org/misc/jquery.once.js?v=1.2 | 200 OK Content-Length: 2974 Content-Type: text/javascript | clean |
http://literacysa.org/misc/drupal.js?nkcwo9 | 200 OK Content-Length: 14544 Content-Type: text/javascript | clean |
http://literacysa.org//netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/js/bootstrap.min.js?nkcwo9/ | 404 Not Found Content-Length: 358 Content-Type: text/html | clean |
http://literacysa.org/test404page.js | 404 Not Found Content-Length: 297 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: literacysa.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 19 Jul 2015 08:55:10 GMT
ETag: "1437296110"
Server: Apache/2.2.15 (CentOS)
Content-Language: en
Content-Length: 6500
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 19 Jul 2015 08:55:10 +0000
Link: </?q=node/10243>; rel="shortlink",</?q=content/hacked>; rel="canonical"
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.3.3
...6500 bytes of data.
GET / HTTP/1.1
Host: literacysa.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 19 Jul 2015 08:55:10 GMT
ETag: "1437296110"
Server: Apache/2.2.15 (CentOS)
Content-Language: en
Content-Length: 6500
Content-Type: text/html; charset=utf-8
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sun, 19 Jul 2015 08:55:10 +0000
Link: </?q=node/10243>; rel="shortlink",</?q=content/hacked>; rel="canonical"
X-Generator: Drupal 7 (http://drupal.org)
X-Powered-By: PHP/5.3.3
...6500 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: literacysa.org
Referer: http://www.google.com/search?q=literacysa.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: literacysa.org
Referer: http://www.google.com/search?q=literacysa.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=literacysa.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://literacysa.org/
Result: literacysa.org is not infected or malware details are not published yet.
Result: literacysa.org is not infected or malware details are not published yet.