Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=6simonianrugs.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: youjizz-tube8.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: youjizz-tube8.com
Referer: http://www.google.com/search?q=youjizz-tube8.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://6simonianrugs.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 28 Dec 2014 14:09:23 GMT Location: http://www.simonianrugs.com Server: Sun-ONE-Web-Server/6.1 Content-Length: 122 Content-Type: text/html | malicious |
http://www.simonianrugs.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=900 Connection: close Date: Sun, 28 Dec 2014 14:09:23 GMT Age: 1 Location: http://rugcleanersanmateo.com Server: Microsoft-IIS/7.5 Content-Length: 0 Content-Type: text/html X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | malicious |
http://rugcleanersanmateo.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection: close Date: Sun, 28 Dec 2014 14:09:26 GMT Pragma: no-cache Location: http://www.rugcleanersanmateo.com/ Server: Apache mod_fcgid/2.3.10-dev Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: PHPSESSID=5a57f7d57c53e02f434fdd108f7fba8c; path=/ X-Pingback: http://www.rugcleanersanmateo.com/xmlrpc.php X-Powered-By: PHP/5.4.35 | clean |
http://www.rugcleanersanmateo.com/ | 200 OK Content-Length: 36183 Content-Type: text/html | clean |
http://www.rugcleanersanmateo.com/wp-content/themes/CherryFramework/js/jquery-1.7.2.min.js?ver=1.7.2 | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.14.4.aa9c5c4f95 | 200 OK Content-Length: 52752 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.14.4aa9c5c4f95 | 200 OK Content-Length: 14438 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/gallery-plugin/fancybox/jquery.mousewheel-3.0.4.pack.js?ver=4.0.1 | 200 OK Content-Length: 1279 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/gallery-plugin/fancybox/jquery.fancybox-1.3.4.pack.js?ver=4.0.1 | 200 OK Content-Length: 15624 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=4.0.1 | 200 OK Content-Length: 17331 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.0.1 | 200 OK Content-Length: 56235 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/plugins/wp-testimonial-widget/js/jquery.cycle.all.js?ver=4.0.1 | 200 OK Content-Length: 52496 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-includes/js/swfobject.js?ver=2.2-20120417 | 200 OK Content-Length: 10231 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/themes/CherryFramework/js/modernizr.js?ver=2.0.6 | 200 OK Content-Length: 12314 Content-Type: application/javascript | clean |
http://www.rugcleanersanmateo.com/wp-content/themes/CherryFramework/js/jquery.elastislide.js?ver=1.0 | 200 OK Content-Length: 6252 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
(function(j,c,l){c.fn.touchwipe=function(a){var b={min_move_x:20,min_move_y:20,wipeLeft:function(){},wipeRight:function(){},wipeUp:function(){},wipeDown:function(){},preventDefaultEvents:!0};a&&c.extend(b,a);this.each(function(){function a(){this.removeEventListener("touchmove",c);d=null;k=!1}function c(h){b.preventDefaultEvents&&h.preventDefault();if(k){var f=d-h.touches[0].pageX;h=e-h.touches[0].pageY;Math.abs(f)>=b.min_move_x?(a(),0<f?b.wipeLeft():b.wipeRight()):Math.abs new c.elastislide(a,this))});return this}})(window,jQuery);
Antivirus reports:
http://www.rugcleanersanmateo.com/wp-content/themes/CherryFramework/js/jflickrfeed.js?ver=1.0 | 200 OK Content-Length: 1083 Content-Type: application/javascript | clean |