Scanned pages/files
Request | Server response | Status |
http://beyars.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 12:22:18 GMT Location: http://www.beyars.com/ Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 Content-Length: 0 Content-Type: text/html; charset=iso-8859-1 X-Powered-By: PHP/5.2.0-8+etch13 | clean |
http://www.beyars.com/ | 200 OK Content-Length: 28533 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
function alleausblenden() {
    Element.hide('stuecklarge-310228');
    Element.hide('stuecklarge-154712');
    Element.hide('stuecklarge-19789');
    Element.hide('stuecklarge-309923');
    Element.hide('stuecklarge-170547');
    Element.hide('stuecklarge-19791');
    Element.hide('stuecklarge-211116');
    Element.hide('stuecklarge-303917');
    Element.hide('stuecklarge-32222');
    Element.hide('stuecklarge-619');
    Element.hide('stuecklarge-251394');
    Element.hide('stuecklarge-10741');
}
Antivirus reports:
http://www.beyars.com/js/prototype.js | 200 OK Content-Length: 55149 Content-Type: application/x-javascript | clean |
http://beyars.com/js/scriptaculous.js?load=effects | 200 OK Content-Length: 2247 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui/yahoo-dom-event/yahoo-dom-event.js | 200 OK Content-Length: 31637 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui/animation/animation-min.js | 200 OK Content-Length: 13683 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui/connection/connection-min.js | 200 OK Content-Length: 11602 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui/datasource/datasource-min.js | 200 OK Content-Length: 29859 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui/autocomplete/autocomplete-min.js | 200 OK Content-Length: 30854 Content-Type: application/x-javascript | clean |
http://beyars.com/js/yui_functions.js | 200 OK Content-Length: 16064 Content-Type: application/x-javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://beyars.com/de_suchen-suchmethoden.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 12:22:22 GMT Location: http://www.beyars.com/de_suchen-suchmethoden.html Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 Content-Length: 0 Content-Type: text/html; charset=iso-8859-1 X-Powered-By: PHP/5.2.0-8+etch13 | clean |
http://www.beyars.com/de_suchen-suchmethoden.html | 200 OK Content-Length: 9595 Content-Type: text/html | clean |
http://www.beyars.com/js/yui/yahoo-dom-event/yahoo-dom-event.js | 200 OK Content-Length: 31637 Content-Type: application/x-javascript | clean |
http://beyars.com/mobile/kunstlexikon/lexikon.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 21 Aug 2014 12:22:23 GMT Location: http://www.beyars.com/mobile/kunstlexikon/lexikon.html Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1 X-Powered-By: PHP/5.2.0-8+etch13 | clean |
http://www.beyars.com/mobile/kunstlexikon/lexikon.html | 200 OK Content-Length: 6244 Content-Type: text/html | clean |
http://www.beyars.com/mobile/kunstlexikon/../library/iui-0.13/iui/iui.js | 200 OK Content-Length: 9927 Content-Type: application/x-javascript | clean |
http://beyars.com/mobile/kunstlexikon/ | HTTP/1.1 302 Found Connection: close Date: Thu, 21 Aug 2014 12:22:23 GMT Location: http://www.beyars.com/mobile/kunstlexikon/lexikon_a_1.html Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13 Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1 X-Powered-By: PHP/5.2.0-8+etch13 | clean |
http://www.beyars.com/mobile/kunstlexikon/lexikon_a_1.html | 200 OK Content-Length: 11375 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: beyars.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 21 Aug 2014 12:22:18 GMT
Location: http://www.beyars.com/
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch13
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
X-Powered-By: PHP/5.2.0-8+etch13
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: beyars.com
Referer: http://www.google.com/search?q=beyars.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=beyars.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beyars.com/
Result: beyars.com is not infected or malware details are not published yet.