Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=berluscones.oknotizie.virgilio.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://berluscones.oknotizie.virgilio.it/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://berluscones.oknotizie.virgilio.it/ | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://berluscones.oknotizie.virgilio.it/test404page.js | 200 OK Content-Length: 11322 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: oknotizie.virgilio.it ...[1101 bytes skipped]... lt;/script> <script type="text/javascript" src="/javascript/clicktip.js?ver=22"></script> <script type="text/javascript" src="/javascript/notlogged.js?ver=22"></script> <script type="text/javascript" src="/javascript/secret.php?s=1402093280|81bb5ce2620a7e809c211cf035243e7a"></script> <title>Utente sconosciuto</title> <script type="text/javascript" src="http://oknotizie.virgilio.it/javascript/news.js?ver=22"></script> </head> <div id="notify-container"></div> <body bgcolor="#ffffff"> <div id="container"> <!-- inizio header alice --> <div id="headeralice"> <iframe src="http://partner-common.alice.it/notizie/common/VIRGILIO/header2008/ifr_header_fld_nosrc.html" frameborder="0" scrolling="no" noresize="" marginwidth="0" marginheight="0" height="58" width="100%"></iframe&g ...[11636 bytes skipped]... | ||
http://berluscones.oknotizie.virgilio.it/javascript/jquery-1.6.4.min.js?ver=22 | 200 OK Content-Length: 91670 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/nook.js?ver=22 | 200 OK Content-Length: 2558 Content-Type: application/javascript | suspicious |
Page code contains blacklisted domain: oknotizie.virgilio.it ...[626 bytes skipped]... br/>var lastDivClick=false; function clickSel(div){ if(lastDivClick){ var e = document.getElementById(lastDivClick); if (e) e.className='newsTitle'; } document.getElementById(div).className='newsTitleSel'; lastDivClick=div; var now = new Date; t = now.getTime(); now.setTime(t+(3600*2)); setCookie("lastDivClick",div,now,'/'); setCookie("lastDivClick",div,now,'/',"oknotizie.virgilio.it"); setCookie("lastDivClick",div,now,'/',".oknotizie.virgilio.it"); return false; } function lastCLick(){ var div=getCookie('lastDivClick'); if(document.getElementById(div)){ clickSel(div); } } function eventMouse(e,div){ if(e.which==2){ clickSel(div); } } /* Copyright(C) 2006 Salvatore Sanfilippo antirez at gmail dot com * Copyright(C) 2006 Merzia s.r.l. * All Rights Reserved */ funct ...[1378 bytes skipped]... | ||
http://berluscones.oknotizie.virgilio.it/javascript/cookie.js?ver=22 | 200 OK Content-Length: 2126 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/login.js?ver=22 | 200 OK Content-Length: 1645 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/form.js?ver=22 | 200 OK Content-Length: 2177 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/ajax.js?ver=22 | 200 OK Content-Length: 3678 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/rs.js?ver=22 | 200 OK Content-Length: 956 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/clicktip.js?ver=22 | 200 OK Content-Length: 4259 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/notlogged.js?ver=22 | 200 OK Content-Length: 1755 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/secret.php?s=1402093280|81bb5ce2620a7e809c211cf035243e7a | 200 OK Content-Length: 49 Content-Type: application/javascript | clean |
http://oknotizie.virgilio.it/javascript/news.js?ver=22 | 200 OK Content-Length: 8579 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it/javascript/webabacus-tag.js | 200 OK Content-Length: 34225 Content-Type: application/javascript | clean |
http://berluscones.oknotizie.virgilio.it//secure-it.imrworldwide.com/v53.js/ | 200 OK Content-Length: 11334 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: oknotizie.virgilio.it ...[1101 bytes skipped]... lt;/script> <script type="text/javascript" src="/javascript/clicktip.js?ver=22"></script> <script type="text/javascript" src="/javascript/notlogged.js?ver=22"></script> <script type="text/javascript" src="/javascript/secret.php?s=1402093283|bd7c5ff783bef2fd43195f3443132bd0"></script> <title>Utente sconosciuto</title> <script type="text/javascript" src="http://oknotizie.virgilio.it/javascript/news.js?ver=22"></script> </head> <div id="notify-container"></div> <body bgcolor="#ffffff"> <div id="container"> <!-- inizio header alice --> <div id="headeralice"> <iframe src="http://partner-common.alice.it/notizie/common/VIRGILIO/header2008/ifr_header_fld_nosrc.html" frameborder="0" scrolling="no" noresize="" marginwidth="0" marginheight="0" height="58" width="100%"></iframe&g ...[11648 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: berluscones.oknotizie.virgilio.it
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
GET / HTTP/1.1
Host: berluscones.oknotizie.virgilio.it
Result:
HTTP/1.1 500 timeout
Content-Type: text/plain
Second query (visit from search engine):
GET / HTTP/1.1
Host: berluscones.oknotizie.virgilio.it
Referer: http://www.google.com/search?q=berluscones.oknotizie.virgilio.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: berluscones.oknotizie.virgilio.it
Referer: http://www.google.com/search?q=berluscones.oknotizie.virgilio.it
Result:
The result is similar to the first query. There are no suspicious redirects found.