Scanned pages/files
Request | Server response | Status |
http://tunezja-last-minute.com.pl/ | 200 OK Content-Length: 17430 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head profile="http://gmpg.org/xfn/1"> <title>+ADw-/title+AD4APA-html+AD4 +ADw-meta charset+AD0AIg-UTF-8+ACIAPg +ADw-title+AD4-Hacked By Must+AEA-f+AEAAPA-/title+AD4 +ADw-body bgcolor+AD0AIg-black+ACI oncontextmenu+AD0AIg-return false+ACI onselectstart+AD0AIg-return false+ACI ondragstart+AD0AIg-return false+ACIAPg +ADw-link href+AD0AIg-http://fonts.googleapis.com/css?family+AD0-Share+ACs-Tech+ACs-Mono+ACI rel+AD0AIg-stylesheet+ACI type+AD0AIg-text/css+ACIAPg +ADw-center+AD4 +ADw-br+AD4APA-br+AD4 +ADw-img src+AD0AIg-http://i.hizliresim.com/7mQ7gv.jpg+ ...[18185 bytes skipped]... | ||
http://www.traveligo.pl/scripts/belka.js?id=430 | 200 OK Content-Length: 12402 Content-Type: text/javascript | clean |
http://hiszpania.latolastminute.pl/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.47 | 500 Can't connect to hiszpania.latolastminute.pl:80 Content-Length: 202 Content-Type: text/plain | clean |
http://hiszpania.latolastminute.pl/test404page.js | 500 Can't connect to hiszpania.latolastminute.pl:80 Content-Length: 202 Content-Type: text/plain | clean |
http://hiszpania.latolastminute.pl/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.1 | 500 Can't connect to hiszpania.latolastminute.pl:80 Content-Length: 202 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tunezja-last-minute.com.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 25 Jan 2015 01:05:34 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://tunezja-last-minute.com.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: tunezja-last-minute.com.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 25 Jan 2015 01:05:34 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-7
X-Pingback: http://tunezja-last-minute.com.pl/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: tunezja-last-minute.com.pl
Referer: http://www.google.com/search?q=tunezja-last-minute.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tunezja-last-minute.com.pl
Referer: http://www.google.com/search?q=tunezja-last-minute.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tunezja-last-minute.com.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tunezja-last-minute.com.pl/
Result: tunezja-last-minute.com.pl is not infected or malware details are not published yet.
Result: tunezja-last-minute.com.pl is not infected or malware details are not published yet.