Scanned pages/files
Request | Server response | Status |
http://funzug.com/ | 200 OK Content-Length: 35782 Content-Type: text/html | clean |
http://funzug.com/templates/ja_iolite/js/mootools.v1.11.js | 200 OK Content-Length: 172782 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MooTools = { version: '1.11' }; function $defined(obj){ return (obj != undefined); }; function $type(obj){ if (!$defined(obj)) return false; if (obj.htmlElement) return 'element'; var type = typeof obj; if (type == 'object' && obj.nodeName){ switch(obj.nodeType){ case 1: return 'element'; case 3: return (/\S/).test(obj.nodeValue) ? 'textnode' : 'whitespace'; } } if (type == 'object' || type == 'function obj[i] = {}; var hide = (i != index) || (this.options.alwaysHide && (el.offsetHeight > 0)); this.fireEvent(hide ? 'onBackground' : 'onActive', [this.togglers[i], el]); for (var fx in this.effects) obj[i][fx] = hide ? 0 : el[this.effects[fx]]; }, this); return this.start(obj); }, showThisHideOpen: function(index){return this.display(index);} }); Fx.Accordion = Accordion; Antivirus reports:
| ||
http://www.funzug.com/mambots/content/plugin_jw_ajaxvote/js/ajaxvote.php | 200 OK Content-Length: 1972 Content-Type: text/css | clean |
http://www.funzug.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://funzug.com/templates/ja_iolite/js/ja.script.js | 200 OK Content-Length: 6019 Content-Type: application/javascript | clean |
http://funzug.com/templates/ja_iolite/js/ja.hiddenpanel.js | 200 OK Content-Length: 3252 Content-Type: application/javascript | clean |
http://funzug.com/templates/ja_iolite/ja_menus/ja_moomenu/ja.moomenu.js | 200 OK Content-Length: 4922 Content-Type: application/javascript | clean |
http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en | 200 OK Content-Length: 2512 Content-Type: text/javascript | clean |
http://cdn.socialtwist.com/2009030912033/script.js | 200 OK Content-Length: 2404 Content-Type: application/x-javascript | clean |
http://i.po.st/static/script/post-widget.js | 200 OK Content-Length: 105405 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21950 Content-Type: text/javascript | clean |
http://resources.infolinks.com/js/infolinks_main.js | 200 OK Content-Length: 2524 Content-Type: application/x-javascript | clean |
http://contextual.media.net/nmedianet.js?cid=8CUBI3C44 | 200 OK Content-Length: 53329 Content-Type: text/javascript | clean |
http://2leep.com/ticker2/373/custom/4/1/110/bottom/%23f7f7f7|black|Tahoma,Geneva,sans-serif|1.5em|0.04em|12px|500|8399 | 200 OK Content-Length: 4288 Content-Type: text/javascript | clean |
http://s7.addthis.com/js/152/addthis_widget.js | 200 OK Content-Length: 7469 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: funzug.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 02:27:43 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 16 Apr 2014 02:27:44 GMT
Set-Cookie: 5f182008abcb5627b2a0015031fa2fe4=-; path=/
Set-Cookie: ja_iolite_tpl=ja_iolite; expires=Mon, 06-Apr-2015 02:27:44 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: funzug.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 02:27:43 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 16 Apr 2014 02:27:44 GMT
Set-Cookie: 5f182008abcb5627b2a0015031fa2fe4=-; path=/
Set-Cookie: ja_iolite_tpl=ja_iolite; expires=Mon, 06-Apr-2015 02:27:44 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: funzug.com
Referer: http://www.google.com/search?q=funzug.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: funzug.com
Referer: http://www.google.com/search?q=funzug.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=funzug.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://funzug.com/
Result: funzug.com is not infected or malware details are not published yet.
Result: funzug.com is not infected or malware details are not published yet.