Scanned pages/files
Request | Server response | Status |
http://corstyrene.it/ | 200 OK Content-Length: 51727 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: !--Hacked by -- <!--Hacked by -->
<!doctype html> <html xml:lang="it-it" lang="it-it" > <head> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <base href="http://corstyrene.it/" /> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="generator" content="Joomla! - Open Source Content Management" /> <title>Home</t ...[59103 bytes skipped]... | ||
http://corstyrene.it/media/jui/js/jquery.min.js | 200 OK Content-Length: 93107 Content-Type: text/javascript | clean |
http://corstyrene.it/media/jui/js/jquery-noconflict.js | 200 OK Content-Length: 21 Content-Type: text/javascript | clean |
http://corstyrene.it/media/jui/js/jquery-migrate.min.js | 200 OK Content-Length: 7199 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/tabs-state.js | 200 OK Content-Length: 1829 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/caption.js | 200 OK Content-Length: 501 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/mootools-core.js | 200 OK Content-Length: 83893 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/core.js | 200 OK Content-Length: 3821 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/mootools-more.js | 200 OK Content-Length: 236825 Content-Type: text/javascript | clean |
http://corstyrene.it/libraries/gantry/js/browser-engines.js | 200 OK Content-Length: 1186 Content-Type: text/javascript | clean |
http://corstyrene.it/templates/gantry/js/html5shim.js | 200 OK Content-Length: 2394 Content-Type: text/javascript | clean |
http://corstyrene.it/templates/gantry/js/rokmediaqueries.js | 200 OK Content-Length: 4673 Content-Type: text/javascript | clean |
http://corstyrene.it/media/system/js/modal.js | 200 OK Content-Length: 9732 Content-Type: text/javascript | clean |
http://corstyrene.it/modules/mod_slideshowck/assets/jquery.easing.1.3.js | 200 OK Content-Length: 8097 Content-Type: text/javascript | clean |
http://corstyrene.it/modules/mod_slideshowck/assets/jquery.mobile.customized.min.js | 200 OK Content-Length: 17519 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: corstyrene.it
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 26 Dec 2015 06:17:31 GMT
Pragma: no-cache
Server: Apache/2.2.17 (Fedora)
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 26 Dec 2015 06:17:32 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a9533977e94b5a3e3a8a1052adcacee3=ali0mh0q8lgoc4qkr02uat5vt7; path=/; HttpOnly
X-Powered-By: PHP/5.3.6
GET / HTTP/1.1
Host: corstyrene.it
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 26 Dec 2015 06:17:31 GMT
Pragma: no-cache
Server: Apache/2.2.17 (Fedora)
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sat, 26 Dec 2015 06:17:32 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: a9533977e94b5a3e3a8a1052adcacee3=ali0mh0q8lgoc4qkr02uat5vt7; path=/; HttpOnly
X-Powered-By: PHP/5.3.6
Second query (visit from search engine):
GET / HTTP/1.1
Host: corstyrene.it
Referer: http://www.google.com/search?q=corstyrene.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: corstyrene.it
Referer: http://www.google.com/search?q=corstyrene.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=corstyrene.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://corstyrene.it/
Result: corstyrene.it is not infected or malware details are not published yet.
Result: corstyrene.it is not infected or malware details are not published yet.