Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=delftkralen.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.delftkralen.nl/ | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 26 May 2014 05:26:06 GMT Pragma: no-cache Location: cataloog.php Server: Apache/2 Vary: Accept-Encoding,User-Agent Content-Length: 3955 Content-Type: text/html Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=2223a77cacbc7850bad0a9ceb59511d9; path=/ X-Powered-By: safe_http | clean |
http://www.delftkralen.nl/cataloog.php | 200 OK Content-Length: 40208 Content-Type: text/html | clean |
http://www.delftkralen.nl/includes/popImage.js | 200 OK Content-Length: 3743 Content-Type: application/javascript | suspicious |
http://www.delftkralen.nl/cataloog.html | 200 OK Content-Length: 40085 Content-Type: text/html | clean |
http://www.delftkralen.nl/infos-5_Contact_ons.html | 200 OK Content-Length: 28369 Content-Type: text/html | clean |
http://www.delftkralen.nl/zoeken.php?action=search&AdSearch=on | 200 OK Content-Length: 32942 Content-Type: text/html | clean |
http://www.delftkralen.nl/mijn_account.php | 200 OK Content-Length: 37713 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function check_form2() { var error = 0; var error_message = ""; var addCart = document.form2.addCart.value; if(document.form2.elements['addCart'].type != "hidden") { if(addCart == '') { error_message = error_message + "Niet geldig - 'Geef een naam'.\n"; error = 1; } } if(error == 1) { alert(error_message); return false; } else { return true; } } function check_form3() { var error3 = 0; var error_message3 = ""; var account = document.form3.account.value; if(document.form3.elements['account'].type != "hidden") { if(account == '') { error_message3 = error_message3 + "Niet geldig - 'Klant nummer'.\n"; error3 = 1; } } if(error3 == 1) { alert(error_message3); return false; } else { return true; } } Antivirus reports:
| ||
http://www.delftkralen.nl/caddie.php | 200 OK Content-Length: 24824 Content-Type: text/html | clean |
http://www.delftkralen.nl/categories-1_Acryl.html | 200 OK Content-Length: 31985 Content-Type: text/html | clean |
http://www.delftkralen.nl/list.php?path=0 | 500 Server closed connection without sending any data back Content-Length: 105 Content-Type: text/plain | clean |
http://www.delftkralen.nl/test404page.js | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://www.delftkralen.nl/categories.php?path=1&num=2&action=n | 200 OK Content-Length: 31925 Content-Type: text/html | clean |
http://www.delftkralen.nl/list-3_Acryl.html | 200 OK Content-Length: 51810 Content-Type: text/html | clean |
http://www.delftkralen.nl/categories.php?path=1&num=2&action=e | 200 OK Content-Length: 32039 Content-Type: text/html | clean |
http://www.delftkralen.nl/list-47_Cabochon.html | 200 OK Content-Length: 27423 Content-Type: text/html | clean |
http://www.delftkralen.nl/list.php?path=47 | 200 OK Content-Length: 27418 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: delftkralen.nl
Result:
GET / HTTP/1.1
Host: delftkralen.nl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: delftkralen.nl
Referer: http://www.google.com/search?q=delftkralen.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: delftkralen.nl
Referer: http://www.google.com/search?q=delftkralen.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.