Scanned pages/files
Request | Server response | Status |
http://voteadvantage.com/ | 200 OK Content-Length: 11574 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 src: http://www.youtube.com/v/nzycfjpsmou?rel=0&autoplay=1 <iframe width="0" height="0" src="http://www.youtube.com/v/nzycfjpsmou?rel=0&autoplay=1" frameborder="0" allowfullscreen> Deface/Content modification. The following signature was found: Hacked By T1G3R_TR4C3 <html> <head> <br><br><br><br> <title>Hacked By T1G3R_TR4C3</title> <link rel="shortcut icon" href="http://cyb3rsw0rd.org/logo.png"> <script language="JavaScript"> <!-- var left="["; var right="]"; var msg="Hacked By T1G3R_TR4C3 <--"; var speed=200; function scroll_title() { document.title=left+msg+right; msg=msg.substring(1,msg.length)+msg.charAt(0); setTimeout("scroll_title()" ...[13288 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js | 200 OK Content-Length: 55272 Content-Type: text/javascript | clean |
http://local.adfender.com/adfender/elemhide.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
http://local.adfender.com/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: voteadvantage.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Dec 2015 20:28:38 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: voteadvantage.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Dec 2015 20:28:38 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: voteadvantage.com
Referer: http://www.google.com/search?q=voteadvantage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: voteadvantage.com
Referer: http://www.google.com/search?q=voteadvantage.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=voteadvantage.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://voteadvantage.com/
Result: voteadvantage.com is not infected or malware details are not published yet.
Result: voteadvantage.com is not infected or malware details are not published yet.