Scanned pages/files
Request | Server response | Status |
http://iame.it/ | 200 OK Content-Length: 16867 Content-Type: text/html | clean |
http://iame.it/media/system/js/caption.js | 200 OK Content-Length: 2150 Content-Type: application/x-javascript | clean |
http://iame.it/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8520 Content-Type: application/x-javascript | malicious |
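Malicious code - confirmed by antiviruses (see below). Excerpt of the response body, cut off mid-statement (the full file is 8520 bytes):
if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent=function(){var a=window.navigator.userAgent;Silverlight.ua={OS:"Unsupported",Browser:"Unsupported"};if(a.indexOf("Windows NT")>=0)Silverlight.ua.OS="Windows";else if(a.indexOf("PPC Mac OS X")>=0)Silverlight.ua.OS="MacPPC";else if(a.indexOf("Intel Mac OS X")>=0)Silverlight.
[excerpt truncated] The visible part is only the start of the file (user-agent detection setup) and contains nothing obviously malicious, so the detection cannot be verified from this excerpt alone. All four flagged files are served from /plugins/content/avreloaded/, so that whole directory should be compared against a known-good copy of the plugin.
Antivirus reports: (the report table is empty in this capture)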
http://iame.it/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 16903 Content-Type: application/x-javascript | malicious |
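Malicious code - confirmed by antiviruses (see below). Excerpt of the response body, cut off mid-statement (the full file is 16903 bytes):
if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260",image:"",backcolor:"FFFFFF",frontcolor:"000000",lightcolor:"000000",screencolor:"000000",width:"320",logo:"",overstretch:"false",showicons:"true",shownavigation:"true",showstop:"false",showdigits:"true",usefullscreen:"true",usemute:"false",autostart:"false",bufferlength:"3",duratio
[excerpt truncated] The visible part is only the start of the file (player configuration defaults) and contains nothing obviously malicious, so the detection cannot be verified from this excerpt alone.
Antivirus reports: (the report table is empty in this capture)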
http://iame.it/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12681 Content-Type: application/x-javascript | malicious |
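Malicious code - confirmed by antiviruses (see below). Excerpt of the response body, cut off mid-statement (the full file is 12681 bytes):
var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="SWFObjectExprInst",win=window,doc=document,nav=navigator,domLoadFnArr=[],regObjArr=[],timer=null,storedAltContent=null,storedAltContentId=null,isDomLoaded=false,isExpressInstallActive=false;var ua=function(){var w3cdom=typeof doc.getElementById!=UNDEF&&typeof doc.getElementsB
[excerpt truncated] The visible part is only the start of the file (swfobject variable declarations) and contains nothing obviously malicious, so the detection cannot be verified from this excerpt alone.
Antivirus reports: (the report table is empty in this capture)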
http://iame.it/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2786 Content-Type: application/x-javascript | malicious |
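Malicious code - confirmed by antiviruses (see below). Excerpt of the response body, cut off mid-statement (the full file is 2786 bytes):
if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API=function(B){var A=null;allvideos.APIs.each(function(C){if(C._pid==B){A=C}});if(A!=null){return A}this._pid=B;this._player=null;this._item=null;this._load=null;this._width=null;this._height=null;this._state=null;this._elapsed=null;this._remaining=null;this._volume=null;this._plCB=fu
[excerpt truncated] The visible part is only the start of the file (allvideos API object setup) and contains nothing obviously malicious, so the detection cannot be verified from this excerpt alone.
Antivirus reports: (the report table is empty in this capture)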
http://iame.it/modules/mod_roknewsflash/tmpl/js/roknewsflash.js | 200 OK Content-Length: 2311 Content-Type: application/x-javascript | clean |
http://iame.it/templates/iame/js/ja.moomenu.js | 200 OK Content-Length: 4698 Content-Type: application/x-javascript | clean |
http://iame.it/it.html | 200 OK Content-Length: 16637 Content-Type: text/html | clean |
http://iame.it/en.html | 200 OK Content-Length: 16978 Content-Type: text/html | clean |
http://iame.it/fr.html | 200 OK Content-Length: 17701 Content-Type: text/html | clean |
http://iame.it/fr/produits/iame-karting-.html | 200 OK Content-Length: 14576 Content-Type: text/html | clean |
http://iame.it/it/prodotti/iame-karting.html | 200 OK Content-Length: 14675 Content-Type: text/html | clean |
http://iame.it/en/products/iame-karting-.html | 200 OK Content-Length: 14913 Content-Type: text/html | clean |
http://iame.it/en/products/ | 404 Component not found Content-Length: 1429 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: iame.it
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 26 Aug 2014 20:19:20 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 26 Aug 2014 20:19:21 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 3129d6c75c1803dcdf1df02b4f5ef89f=4mcglhilqi8s6nrtl5e4adqqm1; path=/
Set-Cookie: lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Powered-By: TMX-194.19
GET / HTTP/1.1
Host: iame.it
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 26 Aug 2014 20:19:20 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 26 Aug 2014 20:19:21 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 3129d6c75c1803dcdf1df02b4f5ef89f=4mcglhilqi8s6nrtl5e4adqqm1; path=/
Set-Cookie: lang=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Set-Cookie: jfcookie[lang]=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Powered-By: TMX-194.19
Second query (visit from search engine):
GET / HTTP/1.1
Host: iame.it
Referer: http://www.google.com/search?q=iame.it
Result:
The result is similar to the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: iame.it
Referer: http://www.google.com/search?q=iame.it
Result:
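The result is similar to the first query. No suspicious redirects were found. The two requests differ only in the Referer header, so redirects keyed on other conditions (for example user agent or client address) are not tested here.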
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=iame.it
Result: This site is not currently listed as suspicious.
Note: this reflects only the blacklist's own data at query time; it does not clear the four files marked malicious in the scan above.
Query: http://yandex.com/infected?l10n=en&url=http://iame.it/
Result: iame.it is not infected or malware details are not published yet.
Result: iame.it is not infected or malware details are not published yet.