Scanned pages/files
Request | Server response | Status |
http://www.187.it/ | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:15 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2871373066.36895.0000; path=/ | clean |
http://www.telecomitalia.it/?ref=1 | 200 OK Content-Length: 47497 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://1597775.fls.doubleclick.net/activityi;src=1597775;type=landi001;cat=landi575;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://1597775.fls.doubleclick.net/activityi;src=1597775;type=landi001;cat=landi575;ord= <iframe src="http://1597775.fls.doubleclick.net/activityi;src=1597775;type=landi001;cat=landi575;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://1597775.fls.doubleclick.net/activityi;src=1597775;type=landi001;cat=landi575;ord=1? <iframe src="http://1597775.fls.doubleclick.net/activityi;src=1597775;type=landi001;cat=landi575;ord=1?" width="1" height="1" frameborder="0" style="display:none"> | ||
http://www.telecomitalia.it/misc/jquery.js?V | 200 OK Content-Length: 31028 Content-Type: application/javascript | clean |
http://www.187.it/misc/drupal.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:16 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2871373066.36895.0000; path=/ | clean |
http://www.telecomitalia.it/test404page.js | 404 Not Found Content-Length: 220 Content-Type: text/html | clean |
http://www.187.it/sites/all/modules/lightbox2/js/lightbox.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:16 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.telecomitalia.it/sites/default/files/themes/pti-bo/js/report.js?V | 200 OK Content-Length: 4485 Content-Type: application/javascript | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/jquery.cookie.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:17 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2871373066.36895.0000; path=/ | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/check.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:17 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/jquery.easing.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:17 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/global.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:17 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/it.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:17 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2871373066.36895.0000; path=/ | clean |
http://www.187.it/sites/all/themes/pti-bo/../../../default/files/themes/pti-bo/js/preferiti.js?V | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:18 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2871373066.36895.0000; path=/ | clean |
http://www.187.it/sites/all/modules/custom/ti_stats/js/ga_ext_track.js | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:18 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://img.metaffiliation.com/u/19/p34869.js?zone=accueil | 200 OK Content-Length: 12673 Content-Type: text/javascript | clean |
http://www.187.it/sites/all/modules/custom/ti_stats/js/cookies.js | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:18 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.187.it/sites/default/files/themes/ti_bo/js/callgeoisp.js | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:18 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
http://www.187.it/sites/default/files/themes/pti-bo/js/s_code.js?ts=0 | HTTP/1.1 302 Found Connection: close Date: Wed, 24 Sep 2014 11:26:19 GMT Location: http://www.telecomitalia.it/?ref=1 Server: Apache Content-Length: 218 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: cookie_www.187.alice.it=2821041418.36895.0000; path=/ | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 187.it
Result:
GET / HTTP/1.1
Host: 187.it
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 187.it
Referer: http://www.google.com/search?q=187.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 187.it
Referer: http://www.google.com/search?q=187.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=187.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://187.it/
Result: 187.it is not infected or malware details are not published yet.
Result: 187.it is not infected or malware details are not published yet.