Scanned pages/files
Request | Server response | Status |
http://mariaantoniettavini.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 20 Nov 2015 12:39:31 GMT Accept-Ranges: bytes Location: http://www.mariaantoniettavini.it/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.mariaantoniettavini.it/xmlrpc.php | clean |
http://www.mariaantoniettavini.it/ | 200 OK Content-Length: 33147 Content-Type: text/html | clean |
http://www.mariaantoniettavini.it/wp-includes/js/jquery/jquery.js?ver=1.11.2 | 200 OK Content-Length: 95952 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/cookie-notice/js/front.js?ver=1.2.33 | 200 OK Content-Length: 2597 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/bwg_frontend.js?ver=1.2.70 | 200 OK Content-Length: 6299 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=1.2.70 | 200 OK Content-Length: 10215 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/jquery.mobile.js?ver=1.2.70 | 200 OK Content-Length: 6419 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.2.70 | 200 OK Content-Length: 25171 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js?ver=0.4.1 | 200 OK Content-Length: 7583 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($) { function defined(a) { return typeof a !== 'undefined'; } function extend(child, parent, prototype) { var F = function() {}; F.prototype = parent.prototype; child.prototype = new F(); child.prototype.constructor = child; parent.prototype.constructor = parent; child._super = parent.prototype; if (prototype) { $.extend(child.prototype, prototype); } } var SUBST = [ ['', ''], element: function() { return this.__isFullScreen ? this._fullScreenElement : null; } });$.fullscreen = IS_NATIVELY_SUPPORTED ? new FullScreenNative() : new FullScreenFallback(); $.fn.fullscreen = function(options) { var elem = this[0]; options = $.extend({ toggleClass: null, }, options); options.styles = { }; if (elem) { $.fullscreen.open(elem, options); } return this; }; })(jQuery); Antivirus reports:
| ||
http://www.mariaantoniettavini.it/wp-content/plugins/photo-gallery/js/bwg_gallery_box.js?ver=1.2.70 | 200 OK Content-Length: 7477 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/woocommerce-dropdown-cart/js/main.js?ver=4.2.5 | 200 OK Content-Length: 1092 Content-Type: application/javascript | clean |
http://cdn.jsdelivr.net/wp/wp-slimstat/trunk/wp-slimstat.min.js | 200 OK Content-Length: 10450 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 15248 Content-Type: application/javascript | clean |
http://www.mariaantoniettavini.it/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.3 | 200 OK Content-Length: 11585 Content-Type: application/javascript | clean |
http://mariaantoniettavini.it//www.mariaantoniettavini.it/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.4.10/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 20 Nov 2015 12:39:36 GMT Pragma: no-cache Accept-Ranges: bytes Location: http://www.mariaantoniettavini.it/www.mariaantoniettavini.it/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.4.10/ Server: LiteSpeed Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.mariaantoniettavini.it/xmlrpc.php | clean |
http://www.mariaantoniettavini.it/www.mariaantoniettavini.it/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=2.4.10/ | 404 Not Found Content-Length: 11577 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Ayyıldız Tim Intenational Force | Sessizce Nöbetteyiz! <!DOCTYPE html>
<html lang="tr"> <head> <meta name="apple-mobile-web-app-capable" content="yes"> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no"> <meta charset="utf-8"> <!-- PAGE TITLE --> <title>Hacked By Ayyıldız Tim Intenational Force | Sessizce Nöbetteyiz!</title> <!-- GOOGLE FONTS --> <link href='http://fonts.googleapis.com/css?family=Lato:300,400,700|Raleway:300,400,500|Open+Sans:300,400,600,700,800' rel='stylesheet' type='text/css'> <!-- STYLESHEETS --> <link href="http://ayt-wgt.hostingsiteforfree.com/assets/css/bootstrap.min.css" rel=" ...[12777 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mariaantoniettavini.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 20 Nov 2015 12:39:31 GMT
Accept-Ranges: bytes
Location: http://www.mariaantoniettavini.it/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mariaantoniettavini.it/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: mariaantoniettavini.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 20 Nov 2015 12:39:31 GMT
Accept-Ranges: bytes
Location: http://www.mariaantoniettavini.it/
Server: LiteSpeed
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mariaantoniettavini.it/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mariaantoniettavini.it
Referer: http://www.google.com/search?q=mariaantoniettavini.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mariaantoniettavini.it
Referer: http://www.google.com/search?q=mariaantoniettavini.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mariaantoniettavini.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mariaantoniettavini.it/
Result: mariaantoniettavini.it is not infected or malware details are not published yet.
Result: mariaantoniettavini.it is not infected or malware details are not published yet.