Is the following site infested?

skandaloes

Level 1
Thread author
Verified
Mar 15, 2016
17
Hey folks,

Today I had strange behavior on the following page.

Code:
hxxp://www.expertenseite.de/42777-vorlage-webdesign-angebot-gesucht.html

The site is apparently linked to phishing sites; I am forwarded to the following page.

Code:
'hxxp://gewinner1.microsoft.com-gluckliche-gewinner-heute.online/Deutschland/l1-v639-de-l1/Danke.html?isp=Deutsche%20Telekom%20AG&model=Desktop&voluumdata=vid..00000003-acb1-4987-8000-000000000000__vpid..0fc4f800-ea9d-11e5-894f-f6000ed9fac2__caid..ef3df6c8-348d-4954-a5b8-5900461f42e7__rt..D__lid..d74d836b-12c9-40d8-8f92-86a86fdfadfd__oid1..56dae6b7-904b-458d-98d4-f6496e19398e__var1..5624d6ff017706d5663ee77c__var2..n%2Fa__var3..wifi__var4..windows__var5..DE__rd..__aid..__sid..&sourceid=5624d6ff017706d5663ee77c&match=n/a&carrier=wifi&mob_pf=windows&country=DE&cpc=0.0153#b

Now I wonder whether the affected site is contaminated and whether my computer could have caught something?

Emsisoft and Adguard have not displayed anything.

Thanks for your help and answers!
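
Added example, not part of any post in this thread: a short Python check of the redirect URL reported above, showing that `microsoft.com` is only a subdomain label and that the query string carries campaign-tracking fields. The brand list and the "last two labels" rule for the registrable domain are assumptions of this sketch; the URL is the posted one with `voluumdata` shortened.

```python
from urllib.parse import urlsplit, parse_qs

# Defanged URL from the first post; voluumdata shortened to three of its fields.
REPORTED = (
    "hxxp://gewinner1.microsoft.com-gluckliche-gewinner-heute.online"
    "/Deutschland/l1-v639-de-l1/Danke.html?isp=Deutsche%20Telekom%20AG"
    "&model=Desktop&voluumdata=vid..00000003-acb1-4987-8000-000000000000"
    "__var3..wifi__var5..DE&carrier=wifi&country=DE&cpc=0.0153#b"
)
BRANDS = ("microsoft",)  # assumption: brand names to look for in the host


def registrable_domain(host):
    # Simplification (assumption): the last two labels. This is right for
    # single-label TLDs such as .online; suffixes like co.uk need the
    # Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def analyse(defanged_url):
    # Swap the defanged scheme back only so the parser accepts it;
    # nothing is fetched.
    parts = urlsplit(defanged_url.strip("'").replace("hxxp", "http", 1))
    host = parts.hostname or ""
    reg = registrable_domain(host)
    # A brand name left of the registrable domain is decoration: whoever
    # registered `reg` controls every label in front of it.
    spoofed = [b for b in BRANDS if b in host and reg.split(".")[0] != b]
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    # voluumdata packs key..value pairs separated by double underscores.
    tracking = dict(
        field.partition("..")[::2]
        for field in query.pop("voluumdata", "").split("__") if field
    )
    return {
        "host": host,
        "registrable_domain": reg,
        "spoofed_brands": spoofed,
        "query": query,
        "tracking": tracking,
    }


if __name__ == "__main__":
    for key, value in analyse(REPORTED).items():
        print(f"{key}: {value}")
```

The `isp`, `carrier`, `country` and `cpc` values show the landing page was reached through a tracked ad redirect chain, so the site where the redirect started can be checked separately from the landing domain.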
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
I got redirected to another site, but definitely would not visit the sites.

upload_2016-3-15_14-39-11.png
 

skandaloes

Level 1
Thread author
Verified
Mar 15, 2016
17
Thank you for the reply.
Can I be sure that I need not be afraid of an infection?
 

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
> Thank you for the reply.
> Can I be sure that I need not be afraid of an infection?

There is no way to tell due to the redirections. You can do system scans using your security and also use online scanners like ESET, Bitdefender. If you are really not sure you can also clear out the browser cache. And you might also want to use a sandboxed browser in the future for such cases.
 

skandaloes

Level 1
Thread author
Verified
Mar 15, 2016
17
Ok, well, EAM and Hitman find nothing except some tracking cookies.
Which sandboxed browser can you recommend? At the moment I use only the normal Chrome browser.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
> Thank you for the reply.
> Can I be sure that I need not be afraid of an infection?

If you are using the latest version of your web browser with no vulnerable plugins, then I assume your PC is safe. Make sure you haven't entered any credential details to these sites, or downloaded any software. As a precaution, you could perform a quick scan with your Antivirus or on-demand scanners.

You can download the free version of Sandboxie here, it's simple and easy to set up.
Sandboxie - Sandbox software for application isolation and secure Web browsing

If you have any questions regarding Sandboxie, post them here: Sandboxie (Invincea)
 

skandaloes

Level 1
Thread author
Verified
Mar 15, 2016
17
I use the latest version of Chrome with only Adguard at this time.
When the page loaded, I closed it immediately, and I didn't enter any details or download any software.

Then I want to look a little bit closer at Sandboxie.

Also, I replaced Adguard with uBlock, in the hope that this makes those pages.
 

Crystal_Lake_Camper

Are you sure? For me, unfortunately not.

I tried again; the page I was directed to the first time did get blocked by Chrome. The other tries I got redirected to different sites not blocked by Norton, WOT, Adguard Premium... very, very strange :( (you get redirected to a different site each time you try)
 


LabZero

It is a bit difficult to make a solid evaluation based on the elements that we have.
Sometimes these redirections load "drive-by" attacks based on malicious JavaScript code that is executed when the page loads in the user's browser. Normally, the code uses other scripts to get more malicious components, which, in turn, attempt to exploit the flaws of the browser or the operating system.
As already suggested, it is useful to clear the cache, run multiple antimalware scans, repeated after a few days, and use Sandboxie for future reference.
Update the browser and OS if necessary.
 

skandaloes

Level 1
Thread author
Verified
Mar 15, 2016
17
Also, thank you for the answer.
I already deleted the browser cache yesterday and have performed several scans (Hitman Pro, EAM), and nothing was found.

I hope that, if something had been downloaded, EAM would have noticed this?!
 
