Scanned pages/files
Request | Server response | Status |
http://ma-wi.pl/ | 200 OK Content-Length: 25953 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By TRAFIQUANT ...[23326 bytes skipped]... </font></font></pre></center> </center> <head> <meta http-equiv="Content-Type" content="text/HTML; charset=utf-8" /> <link rel="shortcut icon" href="http://www.ferrobattuto.info/blog/wp-content/uploads/2013/08/Tunisian_text_flag_by_graffadetoart.jpg" type="image/x-icon"> <title>Hacked By TRAFIQUANT</title> <link href='http://fonts.googleapis.com/css?family=Wallpoet' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Cherry+Swash' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Creepster' rel='stylesheet' type='text/css'> <br><span class="wglow" style="font-family: Courier;"><b> </b></span ...[3413 bytes skipped]... | ||
http://ma-wi.pl/test404page.js | 404 Not Found Content-Length: 2159 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ma-wi.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 24 May 2015 03:38:54 GMT
Server: Apache/2
Vary: Accept-Encoding
Content-Type: text/html
GET / HTTP/1.1
Host: ma-wi.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 24 May 2015 03:38:54 GMT
Server: Apache/2
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: ma-wi.pl
Referer: http://www.google.com/search?q=ma-wi.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ma-wi.pl
Referer: http://www.google.com/search?q=ma-wi.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ma-wi.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ma-wi.pl/
Result: ma-wi.pl is not infected or malware details are not published yet.
Result: ma-wi.pl is not infected or malware details are not published yet.