Scanned pages/files
Request | Server response | Status |
http://recreatieloket.com/ | 200 OK Content-Length: 22743 Content-Type: text/html | clean |
http://3aedgd33d41c2.prerollads.nl/watch/javascript/mootools-release-1.11.js | 200 OK Content-Length: 53108 Content-Type: application/javascript | clean |
http://3aedgd33d41c2.prerollads.nl/watch/javascript/swfobject.js | 200 OK Content-Length: 9208 Content-Type: application/javascript | clean |
http://3aedgd33d41c2.prerollads.nl/watch/javascript/videobox.js | 200 OK Content-Length: 5292 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
var Videobox = { init: function (options) { this.options = Object.extend({ resizeDuration: 400, initialWidth: 250, initialHeight: 250, defaultWidth: 425, defaultHeight: 350, z_index: 999, animateCaption: true }, options || {}); this.anchors = []; $A($$('a')).each(function(el){ if(el.rel && el.href && el.rel.test('^vidbox', 'i')) { el.addEvent('click', function (e) { e = new Event(e); this.fx.overlay.start(0); this.center.style.display = this.bottomContainer.style.display = 'none'; this.center.innerHTML = ''; return false; }, enable: function(disable) { this.bottomContainer.style.display = (disable) ? 'none' : 'inline'; }, disable: function() { this.enable(true); } }; window.addEvent('domready', Videobox.init.bind(Videobox));
Antivirus reports:
http://3aedgd33d41c2.prerollads.nl/sifr/sifr.js | 200 OK Content-Length: 10402 Content-Type: application/javascript | clean |
http://3aedgd33d41c2.prerollads.nl/javascript/detect.js | 200 OK Content-Length: 94 Content-Type: application/x-javascript | clean |
http://3aedgd33d41c2.prerollads.nl/watch/javascript/pngfix.js | 200 OK Content-Length: 2286 Content-Type: application/javascript | clean |
http://recreatieloket.com/?genre=omasex&pi=recreatieloket | 200 OK Content-Length: 21820 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=anaal&pi=recreatieloket | 200 OK Content-Length: 24010 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=Don+en+Ad&pi=recreatieloket | 200 OK Content-Length: 22804 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=alcohol+en+drugs&pi=recreatieloket | 200 OK Content-Length: 21329 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=biseksueel&pi=recreatieloket | 200 OK Content-Length: 22285 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=pornosterren&pi=recreatieloket | 200 OK Content-Length: 12688 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=castings&pi=recreatieloket | 200 OK Content-Length: 20794 Content-Type: text/html | clean |
http://recreatieloket.com/?genre=bukkake&pi=recreatieloket | 200 OK Content-Length: 22019 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: recreatieloket.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 21 Apr 2014 20:07:02 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.3.24
Second query (visit from search engine):
GET / HTTP/1.1
Host: recreatieloket.com
Referer: http://www.google.com/search?q=recreatieloket.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=recreatieloket.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://recreatieloket.com/
Result: recreatieloket.com is not infected or malware details are not published yet.