What Is FMMods.com?

FMMods (fmmods.com) is a blog that offers direct links to apps (APK) files. It also covers tutorials. As of February 2023, the site fmmods.com gets an estimated 9.1 million monthly views according to SimilarWab. The Wayback Machine estimates that fmmods.com was founded on August 5, 2018.

Links and Profiles

Website: https://fmmods.com/

Is FMMods.com Safe?

I ran malware tests to find out if fmmods.com is safe and legit. Here are the results:

I checked the site fmmods.com on the online malware scanner Sucuri and it returned with a scan 403 Forbidden site issue. You can see the same here: Sucuri scan for the site fmmods.com.

FMMods.com Sucuri results

Sucuri says the site fmmods.com is a medium security risk because the scan failed due to a 403 Forbidden message which is suspicious. The scan failed on the following URLs:

  • https://fmmods.com/
  • http://fmmods.com/

There are also missing security headers:

  • Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'. Affected pages:
    https://fmmods.com/404javascript.js
  • Missing security header to prevent Content Type sniffing.
  • Missing Strict-Transport-Security security header.
  • Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src

However, these hardening improvements don’t impact the Sucuri grade.

On a positive note, I can see that the site fmmods.com is already using a website firewall and that it isn’t blacklisted by any of Sucuri’s associated security vendors.

To check this further I ran a parasite scan with Unmask Parasites on the site fmmods.com and it says the page is suspicious. You can see the same here: Unmask Parasites scan for the site fmmods.com.

Unmask Parasites sites 2 suspicious inline scripts found:

Long suspicious script:

(function(){var js = "window['__CF$cv$params']={r:'76b7e2b16b1bcf8b',m:'GfUlUwzGp0XRlsBqQb61U.xvVBeV3PhedV3wbVugJOw-16686...

Long suspicous script:

(function(){var js = "window['__CF$cv$params']={r:'7ab45f0dc87f2258',m:'Wv4IBgVREzVhxuIPxPVesv1GeTnHVNUVxVMHuO0gv7M-16793...

To try to confirm that the site is clean, I checked the domain fmmods.com on VirusTotal and 1 out of 84 security vendors has flagged the domain as malicious. You can see the same here: VirusTotal scan for the site fmmods.com.

FMMods.com VirusTotal results

In conclusion, the site fmmods.com is a medium security risk according to Sucuri because the scan failed with a 403 Forbidden error at the root level of the domain which is suspicious. Unmask Parasites found 2 suspicious inline scripts. And 1 security vendor associated with VirusTotal has flagged the domain as malicious. Overall, the site fmmods.com is a medium security risk due to the suspicions by Sucuri and Unmask Parasites and flag by VirusTotal.

References

1. SimilarWeb –

2. Wayback Machine –