Scanned pages/files
Request | Server response | Status |
http://swansfoundation.com/ | 200 OK Content-Length: 7176 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By K4C3 Undetected <html>
<head> <LINK rel="SHORTCUT ICON" href="http://i50.tinypic.com/33u8ugl.gif"> <meta http-equiv="Content-Language" content="en-us"> <meta http-equiv="Content-Type" content="text/html; charset=windows-1252"> <title>Hacked By K4C3 Undetected</title> <meta name="keywords" content=" Hacked by K4C3 Undetected , K4C3 Undetected , Malaysia, malingsial, fuck malaysia, indonesia, indonesian,K4C3 Undetected, K4C3 Undetected, K4C3 Undetected Attack, Indonesian Hacker, Network, Netpark, network, hacking, cracking, Berita, Galeri Foto, Pemerintahan, Fasilitas Kota, Potensi Daerah, Produk Hukum, Interaktif, Video, Lagu, internet, ppkia, stmik ppkia, tarakan, am ...[7731 bytes skipped]... | ||
http://K4C3-Undetected.googlecode.com/files/K4C3 Undetected.js | 404 Not Found Content-Length: 1451 Content-Type: text/html | clean |
http://K4C3-Undetected.googlecode.com//www.google.com/ | 404 Not Found Content-Length: 1425 Content-Type: text/html | clean |
http://K4C3-Undetected.googlecode.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://swansfoundation.com//www.google.com/ | 404 Not Found Content-Length: 468 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: swansfoundation.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Nov 2014 23:48:05 GMT
Accept-Ranges: bytes
ETag: "140db8-1c08-4c3747831e0c0"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 7176
Content-Type: text/html
Last-Modified: Wed, 27 Jun 2012 13:48:27 GMT
...7176 bytes of data.
GET / HTTP/1.1
Host: swansfoundation.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 22 Nov 2014 23:48:05 GMT
Accept-Ranges: bytes
ETag: "140db8-1c08-4c3747831e0c0"
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 7176
Content-Type: text/html
Last-Modified: Wed, 27 Jun 2012 13:48:27 GMT
...7176 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: swansfoundation.com
Referer: http://www.google.com/search?q=swansfoundation.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: swansfoundation.com
Referer: http://www.google.com/search?q=swansfoundation.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=swansfoundation.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://swansfoundation.com/
Result: swansfoundation.com is not infected or malware details are not published yet.
Result: swansfoundation.com is not infected or malware details are not published yet.