For the majority of the defaced websites via logol dot ru, see the security header situation there:
Tragic - security headers all missing and one with a warning.
Server is not following best policies on configuration, ispmanager external cloud log-in import bug not patched?
Questions, questions, but we find various defacements here.
polonus