Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=speed.blau-gelb-gg.de
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://speed.blau-gelb-gg.de/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: speed.blau-gelb-gg.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 30 May 2014 15:50:13 GMT
Pragma: no-cache
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch11 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 30 May 2014 15:50:13 GMT
Set-Cookie: e503c8aa28f8e361746b0b9cdff8ac87=-; path=/
X-Powered-By: PHP/5.2.0-8+etch11
GET / HTTP/1.1
Host: speed.blau-gelb-gg.de
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 30 May 2014 15:50:13 GMT
Pragma: no-cache
Server: Apache/2.2.3 (Debian) PHP/5.2.0-8+etch11 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 30 May 2014 15:50:13 GMT
Set-Cookie: e503c8aa28f8e361746b0b9cdff8ac87=-; path=/
X-Powered-By: PHP/5.2.0-8+etch11
Second query (visit from search engine):
GET / HTTP/1.1
Host: speed.blau-gelb-gg.de
Referer: http://www.google.com/search?q=speed.blau-gelb-gg.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: speed.blau-gelb-gg.de
Referer: http://www.google.com/search?q=speed.blau-gelb-gg.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://speed.blau-gelb-gg.de/ | 200 OK Content-Length: 21823 Content-Type: text/html | clean |
https://verein.ing-diba.de/b/vertical/9917/deinverein.js | 200 OK Content-Length: 2171 Content-Type: text/html | clean |
https://verein.ing-diba.de/sport/64521/blau-gelb-gross-gerau-speedskating | 200 OK Content-Length: 32711 Content-Type: text/html | clean |
https://verein.ing-diba.de/assets/javascripts/common.min.js | 200 OK Content-Length: 263158 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/assets/javascripts/blueprint.min.js | 200 OK Content-Length: 53502 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/assets/javascripts/socialMediaTrackingAsync.js | 200 OK Content-Length: 1397 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/club/signup | 200 OK Content-Length: 41773 Content-Type: text/html | clean |
https://verein.ing-diba.de/js/plupload.min.js | 200 OK Content-Length: 10501 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/js/plupload.html4.min.js | 200 OK Content-Length: 4571 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/js/Uploader.js | 200 OK Content-Length: 5333 Content-Type: application/javascript | clean |
https://verein.ing-diba.de/min/g=nf4 | 200 OK Content-Length: 56792 Content-Type: application/x-javascript | clean |
https://verein.ing-diba.de/club/presentation/search | 200 OK Content-Length: 38084 Content-Type: text/html | clean |
https://verein.ing-diba.de/club/presentation/ | HTTP/1.1 302 Found Connection: close Date: Fri, 30 May 2014 15:50:20 GMT Location: /index Server: nginx Content-Language: de-DE Content-Length: 0 Content-Type: text/html Imagetoolbar: no Set-Cookie: XSERVERID=B; path=/ X-SID: web02 X-UA-Compatible: IE=100 | clean |
https://verein.ing-diba.de/index | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 30 May 2014 15:50:20 GMT Location: https://www.ing-diba.de/ueber-uns/aktionen/ Server: nginx Content-Language: de-DE Content-Length: 0 Content-Type: text/html Imagetoolbar: no Set-Cookie: XSERVERID=B; path=/ X-SID: web02 X-UA-Compatible: IE=100 | clean |
https://www.ing-diba.de/ueber-uns/aktionen/ | 200 OK Content-Length: 26329 Content-Type: text/html | clean |
https://www.ing-diba.de/assets/javascripts/common.js | 200 OK Content-Length: 263297 Content-Type: text/javascript | clean |
https://verein.ing-diba.de/assets/javascripts/blueprint.js | 200 OK Content-Length: 73488 Content-Type: application/javascript | clean |