Scanned pages/files
Request | Server response | Status |
http://bladibella.com/ | 200 OK Content-Length: 68648 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Virus OS ...[40324 bytes skipped]... <p><span style="font-size: medium; font-family: georgia, 'times new roman', times, serif;"><img height="130" src="http://img5.ilmessaggero.it/MsgrNews/PANORAMA/20150324_hacker.jpg" style="margin-left: 6px; margin-right: 6px; border: 2px solid black; float: left;" width="200" />Un cerchio nero con artigli che spuntano (simbolo di </span><span style="font-size: 0.9em;"><strong>Hacked By Virus OS</strong></span>) </p><p><span style="font-size: medium; font-family: georgia, 'times new roman', times, serif;">e sotto, in arancione, la scritta "Hello world, I'm here to send my messagge. Islam is not terrorism, and stop killing the muslims in the whole world" ("Ciao mondo, sono qui per mandare il mio messaggio. L'Islam non è terrorismo, e smettete di uccidere i musulmani in tutto il mondo").</span><span ...[43263 bytes skipped]... | ||
http://bladibella.com/include/xoops.js | 200 OK Content-Length: 7236 Content-Type: application/javascript | clean |
http://bladibella.com/class/textsanitizer/image/image.js | 200 OK Content-Length: 902 Content-Type: application/javascript | clean |
http://bladibella.com/menu/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/javascript | clean |
http://bladibella.com/menu/js/jquery.easing-sooper.js | 200 OK Content-Length: 2269 Content-Type: application/javascript | clean |
http://bladibella.com/menu/js/jquery.sooperfish.js | 200 OK Content-Length: 2341 Content-Type: application/javascript | clean |
http://bladibella.com//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/ | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
http://bladibella.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bladibella.com
Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache
Connection: close
Date: Tue, 24 Mar 2015 13:19:18 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: PHPSESSID=7f6223c8e71b3bdfbe59d2c4e144b11e; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: bladibella.com
Referer: http://www.google.com/search?q=bladibella.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bladibella.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bladibella.com/
Result: bladibella.com is not infected or malware details are not published yet.