Scanned pages/files
Request | Server response | Status |
http://www.polgres.pl/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 27 Dec 2015 07:40:35 GMT Location: http://polgres.pl/ Server: nginx Content-Length: 0 Content-Type: text/html; charset=UTF-7 Set-Cookie: wfvt_4168730160=567f95f31fdc9; expires=Sun, 27-Dec-2015 08:10:35 GMT; path=/; httponly X-Pingback: http://polgres.pl/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://polgres.pl/ | 200 OK Content-Length: 19182 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-/title+AD4APA-h1+AD4 HaCkEd By RxR HaCkEr +ADw-/h1+AD4APA-DIV style+AD0AIg-DISPLAY: none+ACIAPg ...[108 bytes skipped]... gt; <!--[if IE 7]> <html id="ie7" lang="en-US"> <![endif]--> <!--[if IE 8]> <html id="ie8" lang="en-US"> <![endif]--> <!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!--> <html lang="en-US"> <!--<![endif]--> <head> <meta charset="UTF-7" /> <title>+ADw-/title+AD4APA-h1+AD4 HaCkEd By RxR HaCkEr +ADw-/h1+AD4APA-DIV style+AD0AIg-DISPLAY: none+ACIAPgA8-xmp+AD4- |</title> <link rel="pingback" href="http://polgres.pl/xmlrpc.php" /> <!--[if lt IE 9]> <script src="http://polgres.pl/wp-content/themes/Divi/js/html5.js" type="text/javascript"></script> <![endif]--> <script type="text/javascript"> document.documentElement.className = 'js'; </script> <li ...[21684 bytes skipped]... | ||
http://polgres.pl/wp-includes/js/jquery/jquery.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 95977 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-includes/js/comment-reply.min.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-content/themes/Divi/js/jquery.fitvids.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 2943 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-content/themes/Divi/js/waypoints.min.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 8051 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-content/themes/Divi/js/jquery.magnific-popup.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 47718 Content-Type: application/x-javascript | clean |
http://polgres.pl/wp-content/themes/Divi/js/custom.js?ver=56f7c860763d9392b682c286bc7187c7 | 200 OK Content-Length: 99515 Content-Type: application/x-javascript | clean |
http://www.polgres.pl/test404page.js | 404 Not Found Content-Length: 1070 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: polgres.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 27 Dec 2015 07:40:35 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://polgres.pl/>; rel=shortlink
Set-Cookie: wfvt_4168730160=567f95f34b77f; expires=Sun, 27-Dec-2015 08:10:35 GMT; path=/; httponly
Set-Cookie: PHPSESSID=2dcd5eef423e14fc9675edb6e0a62288; path=/
X-Pingback: http://polgres.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: polgres.pl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 27 Dec 2015 07:40:35 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://polgres.pl/>; rel=shortlink
Set-Cookie: wfvt_4168730160=567f95f34b77f; expires=Sun, 27-Dec-2015 08:10:35 GMT; path=/; httponly
Set-Cookie: PHPSESSID=2dcd5eef423e14fc9675edb6e0a62288; path=/
X-Pingback: http://polgres.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: polgres.pl
Referer: http://www.google.com/search?q=polgres.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: polgres.pl
Referer: http://www.google.com/search?q=polgres.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=polgres.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://polgres.pl/
Result: polgres.pl is not infected or malware details are not published yet.
Result: polgres.pl is not infected or malware details are not published yet.