Scanned pages/files
| Request | Server response | Status |
http://focusonline.it/ | 200 OK Content-Length: 7374 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY LULZSEC SABAH ...[7316 bytes skipped]... <!-- SONDAGGI --> </div><!-- CHIUSURA COLONNA DX EXTRA --> <!-- CONTENT --> <div id="content"> <!-- Evidenza --> <div class="text_title">In Evidenza</div> <div id="newsEvidenza"> <span class="titolo">17/5/2013<br/><a href="prt_news.asp?id=70">HACKED BY LULZSEC SABAH</a></span> <br/> <hr/></div> <br/><br/> <!-- Fine Evidenza --> </div><!-- CHIUSURA CONTENT --> </div><!-- CHIUSURA CONTAINER --> <div id="address"> <div id="address_row"> <div id="address_row_sx"> <b>FOCUS - Formazione e Capitale Umano per lo Sviluppo</b><br/>e- ...[990 bytes skipped]... | ||
http://focusonline.it/includes/js/incJs.js | 200 OK Content-Length: 23533 Content-Type: application/x-javascript | clean |
http://focusonline.it/includes/js/inCheck.js | 200 OK Content-Length: 18823 Content-Type: application/x-javascript | clean |
http://focusonline.it/prt_home.asp | 200 OK Content-Length: 7374 Content-Type: text/html | clean |
http://focusonline.it/prt_mappaSito.asp | 200 OK Content-Length: 7516 Content-Type: text/html | clean |
http://focusonline.it/prt_download.asp | 200 OK Content-Length: 10227 Content-Type: text/html | clean |
http://focusonline.it/prt_page.asp?idSez=55 | 200 OK Content-Length: 10069 Content-Type: text/html | clean |
http://focusonline.it/prt_actionsPage.asp?idAct=1&idSt=1 | 500 Internal Server Error Content-Length: 1219 Content-Type: text/html | clean |
http://focusonline.it/test404page.js | 404 Not Found Content-Length: 1311 Content-Type: text/html | clean |
http://focusonline.it/prt_actionsPage.asp?idAct=1&idSt=2 | 500 Internal Server Error Content-Length: 1219 Content-Type: text/html | clean |
http://focusonline.it/prt_actionsPage.asp?idAct=1&idSt=3 | 500 Internal Server Error Content-Length: 1219 Content-Type: text/html | clean |
http://focusonline.it/prt_actionsPage.asp?idAct=1&idSt=4 | 500 Internal Server Error Content-Length: 1219 Content-Type: text/html | clean |
http://focusonline.it/prt_actionsPage.asp?idAct=1&idSt=5 | 500 Internal Server Error Content-Length: 1219 Content-Type: text/html | clean |
http://focusonline.it/prt_newsArchivio.asp?idStep=1 | 200 OK Content-Length: 8373 Content-Type: text/html | clean |
http://focusonline.it/prt_news.asp?id=70 | 200 OK Content-Length: 8158 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: focusonline.it
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 16 May 2014 21:08:30 GMT
Server: Microsoft-IIS/7.5
Content-Length: 7374
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCBSABCC=JMNPDNDDMAOJJDPBPEGKJBEL; path=/
X-Powered-By: ASP.NET
...7374 bytes of data.
GET / HTTP/1.1
Host: focusonline.it
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Fri, 16 May 2014 21:08:30 GMT
Server: Microsoft-IIS/7.5
Content-Length: 7374
Content-Type: text/html
Set-Cookie: ASPSESSIONIDQCBSABCC=JMNPDNDDMAOJJDPBPEGKJBEL; path=/
X-Powered-By: ASP.NET
...7374 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: focusonline.it
Referer: http://www.google.com/search?q=focusonline.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: focusonline.it
Referer: http://www.google.com/search?q=focusonline.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=focusonline.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://focusonline.it/
Result: focusonline.it is not infected or malware details are not published yet.
Result: focusonline.it is not infected or malware details are not published yet.