Scanned pages/files
Request | Server response | Status |
http://caldofreddosdf.it/ | 200 OK Content-Length: 17345 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Zino-DZ ...[9411 bytes skipped]... , {}, {url: "http://caldofreddosdf.it/index.php?option=com_content&view=article&id=25:d&Itemid=1", title: "hack zinodz", description: ""}); </script> <!-- END: ValAddThis Plugin --> <!--// BY ZINO-DZ // --> </script><script src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js" type="text/javascript">// <![CDATA[ <title>Hacked By Zino-DZ</title> <link rel="shortcut icon" href="http://im33.gulfup.com/7ekcx.png" mce_href="http://im33.gulfup.com/7ekcx.png"> <p align="center"> <link href="http://fonts.googleapis.com/css?family=Share+Tech+Mono" mce_href="http://fonts.googleapis.com/css?family=Share+Tech+Mono" rel='stylesheet' type='text/css'> <link href="http://fonts.googleapis.com/css?family=Geo" mce_href="http://fonts.googleapis.com/css?family=Geo" rel='styleshee ...[11259 bytes skipped]... | ||
http://caldofreddosdf.it/media/system/js/modal.js | 200 OK Content-Length: 10588 Content-Type: application/javascript | clean |
http://caldofreddosdf.it//ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js/ | 200 OK Content-Length: 17345 Content-Type: text/html | clean |
http://caldofreddosdf.it/media/k2/assets/js/k2.noconflict.js | 200 OK Content-Length: 347 Content-Type: application/javascript | clean |
http://caldofreddosdf.it/components/com_k2/js/k2.js | 200 OK Content-Length: 6820 Content-Type: application/javascript | clean |
http://caldofreddosdf.it/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://caldofreddosdf.it/administrator/components/com_fgallery/js/swfobject.js | 200 OK Content-Length: 10223 Content-Type: application/javascript | clean |
http://caldofreddosdf.it/components/com_fgallery/views/gallery/js/swfhelper.js | 200 OK Content-Length: 559 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6827 Content-Type: text/javascript | clean |
http://caldofreddosdf.it/modules/mod_briaskISS/mod_briaskISS.js | 200 OK Content-Length: 3518 Content-Type: application/javascript | clean |
http://caldofreddosdf.it/modules/mod_jw_ucd/mod_jw_ucd/ajaxfader/ajaxfader.js | 200 OK Content-Length: 4635 Content-Type: application/javascript | clean |
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js | 200 OK Content-Length: 91342 Content-Type: text/javascript | clean |
http://caldofreddosdf.it/index.php | 200 OK Content-Length: 17345 Content-Type: text/html | clean |
http://caldofreddosdf.it/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: caldofreddosdf.it
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 17 May 2014 00:46:41 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 17 May 2014 00:46:41 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: bc715d273a76331e3315931162aaf73e=1nha6gub16csie36i71ftgfo27; path=/
X-Powered-By: PHP/5.3.13
GET / HTTP/1.1
Host: caldofreddosdf.it
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sat, 17 May 2014 00:46:41 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 17 May 2014 00:46:41 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: bc715d273a76331e3315931162aaf73e=1nha6gub16csie36i71ftgfo27; path=/
X-Powered-By: PHP/5.3.13
Second query (visit from search engine):
GET / HTTP/1.1
Host: caldofreddosdf.it
Referer: http://www.google.com/search?q=caldofreddosdf.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: caldofreddosdf.it
Referer: http://www.google.com/search?q=caldofreddosdf.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=caldofreddosdf.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://caldofreddosdf.it/
Result: caldofreddosdf.it is not infected or malware details are not published yet.
Result: caldofreddosdf.it is not infected or malware details are not published yet.