Scanned pages/files
Request | Server response | Status |
http://smartercountry.org/ | 200 OK Content-Length: 1339 Content-Type: text/html | clean |
http://smartercountry.org/index.php | 200 OK Content-Length: 1854 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://www.youtube.com/embed/j_u5nfdr7aa?rel=0&autoplay=1 <iframe width="1" frameborder="0" height="1" allowfullscreen="" src="http://www.youtube.com/embed/j_u5nfdr7aa?rel=0&autoplay=1"> Deface/Content modification. The following signature was found: Your website has been hacked by centerX ...[805 bytes skipped]... <ul> <li><a href="?page=1">T3RR0R_TC-X</a></li> </ul> </div> <div id="logo"> <a href="index.php"><img src="img/logo2.gif" width="430" height="107" border="0" alt="" align="left"></a> </div> <br clear="all" /> <div id="text-home"> <center> <h1>Your website has been hacked by centerX</h1> <h2>TC-X Team</h2> <h2><img alt="" src="http://1.bp.blogspot.com/-EciqKcF5MeQ/T4wk5lOUzvI/AAAAAAAAAOI/UFKadrDREhU/s320/centerX.jpg" /></h2> <h3>Greetings to: T3RROR21,VAG,DOM,INA,ANNOULA,TAS,SIS <3</h3> <iframe width="1" frameborder="0" height="1" allowfullscreen="" src="http://www.youtube.com/embed/j_u5NfDR7AA?rel=0&autoplay=1"></iframe></center> <scri ...[654 bytes skipped]... | ||
http://smartercountry.org/?page=1 | 200 OK Content-Length: 1339 Content-Type: text/html | clean |
http://smartercountry.org/test404page.js | 404 Not Found Content-Length: 631 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: smartercountry.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 12 Dec 2015 17:34:31 GMT
Accept-Ranges: bytes
ETag: "f97d35-53b-44e6cb6bb3800"
Server: Apache
Content-Length: 1339
Content-Type: text/html
Last-Modified: Fri, 30 May 2008 06:25:36 GMT
...1339 bytes of data.
GET / HTTP/1.1
Host: smartercountry.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 12 Dec 2015 17:34:31 GMT
Accept-Ranges: bytes
ETag: "f97d35-53b-44e6cb6bb3800"
Server: Apache
Content-Length: 1339
Content-Type: text/html
Last-Modified: Fri, 30 May 2008 06:25:36 GMT
...1339 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: smartercountry.org
Referer: http://www.google.com/search?q=smartercountry.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: smartercountry.org
Referer: http://www.google.com/search?q=smartercountry.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=smartercountry.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://smartercountry.org/
Result: smartercountry.org is not infected or malware details are not published yet.
Result: smartercountry.org is not infected or malware details are not published yet.