Scanned pages/files
Request | Server response | Status |
http://www.vatleasing.pl/ | 200 OK Content-Length: 2659 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/embed/fnejyc-n5uc?&autoplay=1 <iframe allowfullscreen="" frameborder="0" height="0" src="http://www.youtube.com/embed/fnejyc-n5uc?&autoplay=1" width="0"> Deface/Content modification. The following signature was found: Hacked By Cyberizm <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml"> <head> <body bgcolor="white"> <title>Hacked By Cyberizm</title> <p style="text-align: center;"> </p> <p style="text-align: center;"></p> <center> <img alt="" src=" style="width: 452px; height: 300px;"/> <img alt="" src="http://www.resim-yukle.org/images/2014/11/29/cyberizm-bayrak.gif" style="width: 452px; height: 300px;"/> <p> </p> </center> <h2 style= ...[2284 bytes skipped]... | ||
http://www.adcash.com/script/java.php?option=rotateur&rotateur=359571 | 200 OK Content-Length: 8998 Content-Type: text/html | clean |
http://www.adcash.com/test404page.js | 404 Not Found Content-Length: 565 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vatleasing.pl
Result:
GET / HTTP/1.1
Host: vatleasing.pl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vatleasing.pl
Referer: http://www.google.com/search?q=vatleasing.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vatleasing.pl
Referer: http://www.google.com/search?q=vatleasing.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vatleasing.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vatleasing.pl/
Result: vatleasing.pl is not infected or malware details are not published yet.
Result: vatleasing.pl is not infected or malware details are not published yet.