Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plainfielddesign.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ursavvy.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 26 Dec 2014 02:03:23 GMT
Pragma: no-cache
Age: 1
Server: Microsoft-IIS/7.5
Content-Length: 291
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...291 bytes of data.
GET / HTTP/1.1
Host: ursavvy.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 26 Dec 2014 02:03:23 GMT
Pragma: no-cache
Age: 1
Server: Microsoft-IIS/7.5
Content-Length: 291
Content-Type: text/html; charset=utf-8
Expires: -1
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...291 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ursavvy.com
Referer: http://www.google.com/search?q=ursavvy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ursavvy.com
Referer: http://www.google.com/search?q=ursavvy.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
| Request | Server response | Status |
http://plainfielddesign.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 27 Dec 2014 03:37:27 GMT Location: http://www.chaussureschristianlouboutin-fr.com Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 X-Powered-By: PHP/5.3.29 | clean |
http://www.chaussureschristianlouboutin-fr.com/ | 200 OK Content-Length: 30988 Content-Type: text/html | clean |
http://www.chaussureschristianlouboutin-fr.com/includes/templates/tw-chan/jscript/jscript_highslide-full.packed.js | 200 OK Content-Length: 47447 Content-Type: application/javascript | clean |
http://plainfielddesign.com/includes/templates/tw-chan/jscript/jscript_imagehover.js | HTTP/1.1 302 Found Connection: close Date: Sat, 27 Dec 2014 03:37:33 GMT Location: http://pills.ind.in/in.cgi?4¶meter=0510 Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://pills.ind.in/in.cgi?4¶meter=0510 | 500 Can't connect to pills.ind.in:80 Content-Length: 187 Content-Type: text/plain | clean |
http://pills.ind.in/test404page.js | 500 Can't connect to pills.ind.in:80 Content-Length: 187 Content-Type: text/plain | clean |
http://plainfielddesign.com/includes/templates/tw-chan/jscript/jscript_lrscroll.js | HTTP/1.1 302 Found Connection: close Date: Sat, 27 Dec 2014 03:37:34 GMT Location: http://pills.ind.in/in.cgi?4¶meter=0510 Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://plainfielddesign.com/includes/templates/tw-chan/jscript/jquery-1.7.2.min.js | HTTP/1.1 302 Found Connection: close Date: Sat, 27 Dec 2014 03:37:34 GMT Location: http://pills.ind.in/in.cgi?4¶meter=0510 Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | malicious |
http://plainfielddesign.com/includes/templates/tw-chan/jscript/manhuatoTop.1.0.js | HTTP/1.1 302 Found Connection: close Date: Sat, 27 Dec 2014 03:37:35 GMT Location: http://pills.ind.in/in.cgi?4¶meter=0510 Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | malicious |
https://js.realypay.com/index.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://js.users.51.la/16749006.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |