Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=new.plumdragoness.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://new.plumdragoness.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://new.plumdragoness.com/ | 200 OK Content-Length: 53667 Content-Type: text/html | clean |
http://new.plumdragoness.com/wp-content/themes/Cion/js/jquery.js | 200 OK Content-Length: 56281 Content-Type: application/javascript | clean |
http://new.plumdragoness.com/wp-content/themes/Cion/js/idtabs.js | 200 OK Content-Length: 3498 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('(7($){$.F.q=7(){4 s={"b":B,"3":L,"5":B};o(4 i=0;i<t.8;++i){4 n={},a=t[i];M(m a){f"I":$.w(n,a);l;f"v":f"u":n.b=a;l;f"C":n["3"]=a;l;f"7":n.5=a;l};$.w(s,n)}4 j=2; Antivirus reports:
| ||
http://new.plumdragoness.com/wp-content/themes/Cion/js/slider.js | 200 OK Content-Length: 2894 Content-Type: application/javascript | clean |
http://new.plumdragoness.com/wp-content/themes/Cion/js/superfish.js | 200 OK Content-Length: 6035 Content-Type: application/javascript | clean |
http://new.plumdragoness.com/wp-content/themes/Cion/js/hoverIntent.js | 200 OK Content-Length: 5463 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){
$.fn.hoverIntent = function(f,g) { var cfg = { sensitivity: 7, interval: 100, timeout: 0 }; cfg = $.extend(cfg, g ? { over: f, out: g } : f ); var cX, cY, pX, pY; var track = function(ev) { cX = ev.pageX; cY = ev.pageY; }; var compare = function(ev,ob) { ob.hoverIntent_t = clearTimeout(ob.hoverIntent_t); if ( ( Math.abs(pX-cX) + Ma Antivirus reports:
| ||
http://new.plumdragoness.com/?page_id=5 | 200 OK Content-Length: 17872 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=221 | 200 OK Content-Length: 12850 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=219 | 200 OK Content-Length: 14297 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=220 | 200 OK Content-Length: 14373 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=160 | 200 OK Content-Length: 20079 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=7 | 200 OK Content-Length: 15231 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=258 | 200 OK Content-Length: 15935 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=226 | 200 OK Content-Length: 25722 Content-Type: text/html | clean |
http://new.plumdragoness.com/?page_id=213 | 200 OK Content-Length: 20015 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: new.plumdragoness.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 14 Jun 2014 08:10:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 53667
Content-Type: text/html; charset=UTF-8
X-Pingback: http://new.plumdragoness.com/xmlrpc.php
...53667 bytes of data.
GET / HTTP/1.1
Host: new.plumdragoness.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 14 Jun 2014 08:10:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 53667
Content-Type: text/html; charset=UTF-8
X-Pingback: http://new.plumdragoness.com/xmlrpc.php
...53667 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: new.plumdragoness.com
Referer: http://www.google.com/search?q=new.plumdragoness.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: new.plumdragoness.com
Referer: http://www.google.com/search?q=new.plumdragoness.com
Result:
The result is similar to the first query. There are no suspicious redirects found.