Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=agriturismo-agrisole.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://agriturismo-agrisole.com/ | 200 OK Content-Length: 67022 Content-Type: text/html | clean |
http://agriturismo-agrisole.com/ClickShowHideMenu.js | 200 OK Content-Length: 6517 Content-Type: application/javascript | clean |
http://agriturismo-agrisole.com/js/prototype.js | 200 OK Content-Length: 47603 Content-Type: application/javascript | clean |
http://agriturismo-agrisole.com/js/scriptaculous.js?load=effects | 200 OK Content-Length: 2152 Content-Type: application/javascript | clean |
http://agriturismo-agrisole.com/lytebox.js | 200 OK Content-Length: 39381 Content-Type: application/javascript | clean |
http://agriturismo-agrisole.com/ts_files/scroll.js | 200 OK Content-Length: 641 Content-Type: application/javascript | clean |
http://detect.deviceatlas.com/redirect.js?m=http://www.agriturismo-agrisole.mobi&t=false&smart=off | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 09 Oct 2014 23:00:47 GMT Location: http://detect-deviceatlas-com.appspot.com/redirect.js?m=http://www.agriturismo-agrisole.mobi&t=false&smart=off Server: nginx/1.4.4 Content-Length: 184 Content-Type: text/html | clean |
http://detect-deviceatlas-com.appspot.com/redirect.js?m=http://www.agriturismo-agrisole.mobi&t=false&smart=off | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://detect-deviceatlas-com.appspot.com/test404page.js | 404 Not Found Content-Length: 52 Content-Type: text/plain | clean |
http://codicepro.shinystat.com/cgi-bin/getcod.cgi?USER=agrisole&P=1&ICO=404 | 200 OK Content-Length: 4190 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function cCk(nm,vl,mn){var ex=cdm="";var _sscdom="";if (_sscdom && _sscdom!="") { cdm=" domain="+_sscdom; if (mn) {document.cookie=nm+"=; expires=Thu, 01-Jan-70 00:00:01 GMT; path=/;";}}if (mn) {var d=new Date();d.setTime(d.getTime()+(mn*6*1000)); ex="; expires="+d.toGMTString();} document.cookie=nm+"="+vl+ex+"; path=/;"+cdm+"";} function rCk(nm){var nEQ=nm+"=";var ca=document.cookie.split(';');for(var i=0;i<ca.length;i++){var c=ca[i]; while(c.charAt(0)==' ') c=c.subst if (ssqS_.indexOf("NODW=yes")>-1){var ig_=new Image(1,1);ig_.src=ssqS_+"&RM="+Math.round(Math.random()*2147483647);ig_.onload=function(){_ssvoid();}} else{document.write("<a href=\"http://s1.shinystat.com/cgi-bin/shinystatv.cgi?USER="+us_+"&NH=1\" Target=\"_new\"><img src=\""+ssqS_+"\" border=\"0\"/></a>"); } Antivirus reports:
http://static.ak.fbcdn.net/connect.php/js/FB.Share | 200 OK Content-Length: 165813 Content-Type: application/x-javascript | clean |
http://agriturismo-agrisole.com/A2EB891D63C8/avg_ls_dom.js | HTTP/1.1 302 Found Connection: close Date: Thu, 09 Oct 2014 23:00:36 GMT Location: http://www.agriturismo-agrisole.com/index.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.agriturismo-agrisole.com/index.html | 200 OK Content-Length: 67022 Content-Type: text/html | clean |
http://www.agriturismo-agrisole.com/ClickShowHideMenu.js | 200 OK Content-Length: 6517 Content-Type: application/javascript | clean |
http://agriturismo-agrisole.com/A2EB891D63C8/js/prototype.js | HTTP/1.1 302 Found Connection: close Date: Thu, 09 Oct 2014 23:00:37 GMT Location: http://www.agriturismo-agrisole.com/index.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://agriturismo-agrisole.com/A2EB891D63C8/js/scriptaculous.js?load=effects | HTTP/1.1 302 Found Connection: close Date: Thu, 09 Oct 2014 23:00:38 GMT Location: http://www.agriturismo-agrisole.com/index.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://agriturismo-agrisole.com/A2EB891D63C8/lytebox.js | HTTP/1.1 302 Found Connection: close Date: Thu, 09 Oct 2014 23:00:38 GMT Location: http://www.agriturismo-agrisole.com/index.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://agriturismo-agrisole.com/A2EB891D63C8/ts_files/scroll.js | HTTP/1.1 302 Found Connection: close Date: Thu, 09 Oct 2014 23:00:38 GMT Location: http://www.agriturismo-agrisole.com/index.html Server: Apache Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.jscache.com/wejs?wtype=selfserveprop&uniq=464&locationId=3439713&lang=it&rating=true&nreviews=0&writereviewlink=true&popIdx=true&iswide=false&border=true | 200 OK Content-Length: 214 Content-Type: application/x-javascript | clean |
http://www.jscache.com/wejs?wtype=selfserveprop&uniq=831&locationId=3373573&lang=it&rating=true&nreviews=0&writereviewlink=true&popIdx=true&iswide=false&border=true | 200 OK Content-Length: 214 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: agriturismo-agrisole.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 23:00:31 GMT
Accept-Ranges: bytes
Server: Apache
Content-Language: it
Content-Length: 67022
Content-Type: text/html
Last-Modified: Tue, 07 Oct 2014 19:53:58 GMT
...67022 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: agriturismo-agrisole.com
Referer: http://www.google.com/search?q=agriturismo-agrisole.com
Result:
The result is similar to the first query. There are no suspicious redirects found.