Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pompinare.org
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://pompinare.org/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://pompinare.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 04:52:27 GMT Location: http://www.pompinare.org/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.3.29 Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.pompinare.org/ | 200 OK Content-Length: 43614 Content-Type: text/html | clean |
http://www.pompinare.org/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://www.pompinare.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://adserver.juicyads.com/js/jfc.js | 200 OK Content-Length: 1197 Content-Type: application/x-javascript | clean |
http://s1.slimtrade.com/s4736.js | 200 OK Content-Length: 5731 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: pompinare.org | ||
http://adspaces.ero-advertising.com/adspace/267211.js | 200 OK Content-Length: 1563 Content-Type: application/javascript | clean |
http://www.hebdotop.it/cgi-bin/hebdotop_it.eur?id=17801 | 200 OK Content-Length: 251 Content-Type: text/html | clean |
http://www.hebdotop.it/ | 200 OK Content-Length: 22885 Content-Type: text/html | clean |
http://www.hebdotop.it/cgi-bin/nbinscr.pl | 200 OK Content-Length: 25 Content-Type: text/html | clean |
http://www.hebdotop.it/test404page.js | 404 Not Found Content-Length: 293 Content-Type: text/html | clean |
http://www.allosponsor.it/cgi-bin/iframe_sponsor_it.eur?num_site_aff=3&type=1&popinto=1 | 200 OK Content-Length: 5053 Content-Type: text/html | clean |
http://www.allosponsor.it/scripts/clic_popinto.php?num_site_aff=3&num_sponsor=5870 | 200 OK Content-Length: 117 Content-Type: text/html | clean |
http://www.allosponsor.it/ | 200 OK Content-Length: 17946 Content-Type: text/html | clean |
http://s11.histats.com/js9.js | 200 OK Content-Length: 7417 Content-Type: text/javascript | clean |
http://www.allosponsor.it/savoirplus_sponsors.php | 200 OK Content-Length: 12133 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pompinare.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Sep 2014 04:52:27 GMT
Location: http://www.pompinare.org/
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.3.29
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: pompinare.org
Referer: http://www.google.com/search?q=pompinare.org
Result:
The result is similar to the first query. There are no suspicious redirects found.