Scanned pages/files
Request | Server response | Status |
http://portalia.it/ | 200 OK Content-Length: 4411 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HaCkeD BY Mr.xamd ...[241 bytes skipped]... ickNS(e){if(document.layers||(document.getElementById&&!document.all)){if(e.which==2||e.which==3){(message);return false;}}} if(document.layers) {document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;} else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;} document.oncontextmenu=new Function("return false")</script> <title>HaCkeD BY Mr.xamd</title> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> <meta name="generator" content="Web Page Maker (unregistered version)"> </head> <body <body onbeforeprint="onbeforeprint()" onafterprint="onafterprint()" onselectstart="return false" oncontextmenu="return false"> <body Text="#FFFFFF" bgColor="#000000"> <script language="JavaScript" type="text/javascript"&g ...[3817 bytes skipped]... | ||
http://portalia.it/test404page.js | 404 Not Found Content-Length: 1769 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: portalia.it
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Wed, 15 Jul 2015 10:43:09 GMT
Server: nginx/1.7.9
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Host-Header: 192fc2e7e50945beb8231a492d6a8024
X-Page-Speed: 1.9.32.3-4448
X-Proxy-Cache: MISS
GET / HTTP/1.1
Host: portalia.it
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache
Connection: close
Date: Wed, 15 Jul 2015 10:43:09 GMT
Server: nginx/1.7.9
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Host-Header: 192fc2e7e50945beb8231a492d6a8024
X-Page-Speed: 1.9.32.3-4448
X-Proxy-Cache: MISS
Second query (visit from search engine):
GET / HTTP/1.1
Host: portalia.it
Referer: http://www.google.com/search?q=portalia.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: portalia.it
Referer: http://www.google.com/search?q=portalia.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=portalia.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://portalia.it/
Result: portalia.it is not infected or malware details are not published yet.
Result: portalia.it is not infected or malware details are not published yet.