Scanned pages/files
Request | Server response | Status |
http://optizip.it/ | 200 OK Content-Length: 13491 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By Xavier_C ...[9002 bytes skipped]... <tr> <td><table width="100%" border="0" cellspacing="10" cellpadding="0"> <tr> <td width="120" rowspan="2" valign="top"><a href="index.php?idp=newsread&idn=62"><img src="uploadimg/tb_1387739980.jpg" class="border_news" /></a></td> <td height="10"><span class="titolo_news">Hacked By Xavier_C<br /> </span><span class="data_news">30-08-2013</span></td> </tr> <tr> <td class="testo_news" valign="top">Good Day Admin, your site has been Hacked!!<p><a href="index.php?idp=newsread&idn=62"><img src="images/news/freccia.gif" alt="" width="16" height="16" border="0" /></a></p></td> < ...[7535 bytes skipped]... | ||
http://optizip.it/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 8028 Content-Type: application/x-javascript | clean |
http://optizip.it/Scripts/jquery.js | 200 OK Content-Length: 85924 Content-Type: application/x-javascript | clean |
http://optizip.it/Scripts/jquery.carouFredSel.js | 200 OK Content-Length: 32323 Content-Type: application/x-javascript | clean |
http://optizip.it/index.php | 200 OK Content-Length: 13509 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=newsarch | 200 OK Content-Length: 12818 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=prodotti | 200 OK Content-Length: 12750 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=cert | 200 OK Content-Length: 9994 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=schede | 200 OK Content-Length: 9180 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=azienda | 200 OK Content-Length: 10105 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=mondo | 200 OK Content-Length: 11277 Content-Type: text/html | clean |
http://optizip.it/index.php?idp=gruppo | 200 OK Content-Length: 10343 Content-Type: text/html | clean |
http://optizip.it/test404page.js | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://optizip.it/doc/china_puller.pdf | 200 OK Content-Length: 300670 Content-Type: application/pdf | clean |
http://optizip.it/index.php?idp=azienda&step=storia&anno=2007 | 200 OK Content-Length: 12160 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: optizip.it
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 14 Jun 2014 05:19:07 GMT
Pragma: no-cache
Server: Apache/2.2.3 (CentOS)
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=bb6f36agmdlv59pbaget1e2d81; path=/
X-Powered-By: PHP/5.2.17
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: optizip.it
Referer: http://www.google.com/search?q=optizip.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=optizip.it
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://optizip.it/
Result: optizip.it is not infected or malware details are not published yet.