Blood runs in rivulets down President Trump’s chin as a fist punches his left cheek. Two golden missiles, each emblazoned with the Iranian flag, shoot across the bottom of the illustration.

“This is message from Islamic Republic Of Iran,” reads text in English.

The image of a bloodied Trump accompanied by pro-Iranian statements popped up in an unusual place over the weekend: the home page of a U.S. government website.

On Saturday, the website for a program that provides free public access to federal government information was reportedly hacked by a group claiming allegiance to Iran. The page for the Federal Depository Library Program was replaced with a graphic titled, “Iranian Hackers!” that included photos of Iran’s supreme leader, Ayatollah Ali Khamenei, and the country’s flag. The actors behind the apparent attack, which led to the website getting taken offline for about 24 hours, identified themselves as “Iran Cyber Security Group Hackers” and warned that their work was “only a small part of Iran’s cyber ability.”

“We’re always ready,” the text on the graphic said.

Officials have yet to establish whether the hackers are directly affiliated with Iran.

“We are aware the website of the Federal Depository Library Program (FDLP) was defaced with pro-Iranian, anti-US messaging,” a spokesperson for the Cybersecurity and Infrastructure Security Agency, a division of the Department of Homeland Security, told The Washington Post Monday. “At this time, there is no confirmation that this was the action of Iranian state-sponsored actors.”

The spokesperson noted that “a misconfiguration with the content management system allowed a malicious actor to deface the website.”

Saturday’s incident came as tensions between the United States and Iran continued to escalate dramatically in the aftermath of an U.S. drone strike that killed one of Iran’s top military figures, Maj. Gen. Qasem Soleimani, in Baghdad last week. In response, Iran has vowed revenge, prompting experts to warn that a variety of cyberattacks against the United States “should be expected.”

Revenge appeared to be the message behind the alleged cyberattack on the federal library program’s website over the weekend. In the graphic that showed up in place of the original home page, the fist punching Trump was connected to an arm covered by a green sleeve bearing an insignia similar to the one associated with the Islamic Revolutionary Guard Corps, which Soleimani helped lead. The image also featured a version of the strong statement shared by Khamenei, in which the leader promised that “severe revenge awaits those criminals who have tainted their filthy hands with [Soleimani’s] blood and the blood of the other martyrs.” Toward the bottom of the page, the hackers wrote “#Hard revenge,” punctuating the statement with an emoticon of a winking face.

A spokesperson for the Government Publishing Office, which operates the library program, told The Washington Post in a statement Monday morning that the site was taken down “to allow for a security analysis.”

“It has been determined by GPO’s IT security team none of the site’s data was compromised, and the site is back online,” said Gary Somerset, the office’s chief public relations officer. “GPO continues to coordinate with the appropriate authorities to investigate the origins of the intrusion.”

While at least one senior U.S. cybersecurity official dismissed the apparent hacking as “a nothing event,” others have stressed the importance of remaining vigilant against cyberattacks, urging all organizations to increase monitoring, back up their systems, implement multi-factor authentication and have an incident response plan prepared.

A National Terrorism Advisory System bulletin issued Saturday noted Iran’s “robust cyber program” in its summary of potential threats faced by Americans. Hackers with ties to Iran have been behind several cyberattacks in recent years that targeted U.S. entities including banks and a New York state dam.

“Iran is capable, at minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States,” the bulletin said. In a tweet, acting Homeland Security secretary Chad Wolf added that the agency is “actively monitoring & preparing for any specific, credible threat, should one arise.”

Meanwhile, Trump has responded to the possibility of Iranian retaliation using another tactic: more threats. On Sunday, the president tweeted that “should Iran strike any U.S. person or target, the United States will quickly & fully strike back, & perhaps in a disproportionate manner.”