Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gadgets.gunaxin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gadgets.gunaxin.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://gadgets.gunaxin.com/ | 200 OK Content-Length: 48206 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: links.gunaxin.com var news_url='http://links.gunaxin.com/category/gadgets/';var navigator_name=navigator.userAgent.toLowerCase();var isChrome=(navigator_name.indexOf('chrome')!=-1);function click_window(){var results=document.cookie.match('(^|;)?gunaxin.com=([^;]*)(;|$)');if(!results)popup_news()}window.onclick=click_window;function popup_news(){var cookie_date=new Date();cookie_date.setTime(cookie_date.getTime()+1209600000);document.cookie='gunaxin.com=yes;domain=gunaxin.com;expires='+cookie_date.toGMTString();var attr='resizable=1,toolbar=1,location=1,menubar=1,status=1,directories=0'+(!isChrome?',scrollbars=1':'');var popup=window.open(news_url,'',attr);isChrome?window.blur():popup.blur();window.focus()} Malicious iFrame found. size: 110x600 src: http://links.gunaxin.com/lite/gadgets.php This URL is marked by Yandex as suspicious <iframe src="http://links.gunaxin.com/lite/gadgets.php" scrolling=no width="110" height="600" frameborder=0 padding="0" margin="0"> | ||
http://gadgets.gunaxin.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 08 Oct 2014 18:59:29 GMT Pragma: no-cache Location: http://gadgets.gunaxin.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ Server: nginx Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT | clean |
http://gadgets.gunaxin.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 404 Not Found Content-Length: 27431 Content-Type: text/html | malicious |
Page code contains blacklisted domain: cdn.gunaxin.com ...[3932 bytes skipped]... gt; <div style="display: none;"> <img src="//pixel.quantserve.com/pixel/p-f1g0D1JZ8NYX6.gif" height="1" width="1" alt="Quantcast"/> </div> </noscript> </body> </html> <!-- Performance optimized by W3 Total Cache. Learn more: http://www.w3-edge.com/wordpress-plugins/ Page Caching using disk: enhanced Content Delivery Network via cdn.gunaxin.com Served from: gadgets.gunaxin.com @ 2014-10-08 14:59:30 by W3 Total Cache --> Malicious iFrame found. size: 110x600 src: http://links.gunaxin.com/lite/gadgets.php This URL is marked by Yandex as suspicious <iframe src="http://links.gunaxin.com/lite/gadgets.php" scrolling=no width="110" height="600" frameborder=0 padding="0" margin="0"> | ||
http://cdn.gunaxin.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=4.0.6 | 200 OK Content-Length: 2455 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/taqyeem/js/tie.js?ver=4.0 | 200 OK Content-Length: 2276 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/fanciest-author-box/js/ts-fab.min.js?ver=1.4.1 | 200 OK Content-Length: 503 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995 | 200 OK Content-Length: 26590 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06 | 200 OK Content-Length: 1791 Content-Type: application/x-javascript | clean |
http://cdn.gunaxin.com/wp-includes/js/jquery/jquery.color.min.js?ver=2.1.1 | 200 OK Content-Length: 9295 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/ultimate-social-deux/public/assets/js/script-ck.js?ver=3.1.5 | 200 OK Content-Length: 49021 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/featured-content-gallery/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.js.php | 200 OK Content-Length: 26871 Content-Type: text/html | clean |
http://gadgets.gunaxin.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://gadgets.gunaxin.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.transitions.js | 200 OK Content-Length: 2182 Content-Type: application/x-javascript | clean |
http://gadgets.gunaxin.com/wp-content/plugins/wptouch-pro-3/include/js/desktop-switch.js | 200 OK Content-Length: 1235 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gadgets.gunaxin.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: max-age=3600, public, must-revalidate, proxy-revalidate
Connection: close
Date: Wed, 08 Oct 2014 18:59:28 GMT
Pragma: public
Accept-Ranges: bytes
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding, Cookie
Content-Length: 48206
Content-Type: text/html
Expires: Wed, 08 Oct 2014 18:13:07 GMT
Last-Modified: Wed, 08 Oct 2014 17:13:07 GMT
X-Powered-By: W3 Total Cache
...48206 bytes of data.
GET / HTTP/1.1
Host: gadgets.gunaxin.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: max-age=3600, public, must-revalidate, proxy-revalidate
Connection: close
Date: Wed, 08 Oct 2014 18:59:28 GMT
Pragma: public
Accept-Ranges: bytes
Server: nginx
Vary: Accept-Encoding
Vary: Accept-Encoding, Cookie
Content-Length: 48206
Content-Type: text/html
Expires: Wed, 08 Oct 2014 18:13:07 GMT
Last-Modified: Wed, 08 Oct 2014 17:13:07 GMT
X-Powered-By: W3 Total Cache
...48206 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gadgets.gunaxin.com
Referer: http://www.google.com/search?q=gadgets.gunaxin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gadgets.gunaxin.com
Referer: http://www.google.com/search?q=gadgets.gunaxin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.