Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: plansky.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 20:31:43 GMT
Accept-Ranges: bytes
Server: nginx/1.0.15
Vary: Accept-Encoding
Content-Length: 53793
Content-Type: text/html
Last-Modified: Fri, 24 Oct 2014 13:03:19 GMT
...53793 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: plansky.net
Referer: http://www.google.com/search?q=plansky.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://plansky.net/ | 200 OK Content-Length: 53793 Content-Type: text/html | clean |
http://plansky.net/2014/quyu_0317/486.html | 200 OK Content-Length: 100586 Content-Type: text/html | clean |
http://plansky.net/statics/js/jquery.min.js | 200 OK Content-Length: 92555 Content-Type: application/x-javascript | clean |
http://plansky.net/statics/js/jquery.sgallery.js | 200 OK Content-Length: 5384 Content-Type: application/x-javascript | clean |
http://plansky.net/statics/js/search_common.js | 200 OK Content-Length: 248 Content-Type: application/x-javascript | clean |
http://plansky.net/statics/js/MSClass.js | 200 OK Content-Length: 16532 Content-Type: application/x-javascript | clean |
http://www.plansky.net/caches/poster_js/21.js | 200 OK Content-Length: 2962 Content-Type: application/x-javascript | clean |
http://www.plansky.net/index.php?m=mood&c=index&a=init&id=21-486-1 | HTTP/1.1 200 OK Connection: close Date: Tue, 03 Mar 2015 20:31:58 GMT Server: nginx/1.0.15 Vary: Accept-Encoding Content-Type: text/html X-Powered-By: PHP/5.2.17p1 | clean |
http://omgoqmbh.tk?/?n9s0yxfhtml&ab=&mb= | HTTP/1.1 203 Non-Authoritative Information Cache-Control: no-cache Connection: close Date: Tue, 03 Mar 2015 20:26:45 GMT Pragma: no-cache Server: nginx/1.6.2 Vary: Accept-Encoding Content-Length: 643 Content-Type: text/html;charset=UTF-8 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=F79AE0A8D5BDB5B3F27E0E0C67E071FE; Path=/; HttpOnly X-Server: e3442be69852 | clean |
http://domain.dot.tk/p/?d=omgoqmbh.tk&i=78.158.11.226&c=370&ro=0&ref=unknown&_=1425414405924 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 03 Mar 2015 20:26:46 GMT Location: http://sp3.yousee.com/?dm=OMGOQMBH.TK&acc=c769628d-4248-4e14-d7d6-d4e06559f7f3&_=1425414406 Server: Apache/1.3.41 (Unix) mod_perl/1.30 Content-Length: 0 Content-Type: text/html; charset=ISO-8859-1 | clean |
http://sp3.yousee.com/?dm=omgoqmbh.tk&acc=c769628d-4248-4e14-d7d6-d4e06559f7f3&_=1425414406 | 200 OK Content-Length: 12772 Content-Type: text/html | clean |
http://www.google.com/adsense/domains/caf.js | 200 OK Content-Length: 210463 Content-Type: text/javascript | clean |
http://www.plansky.net/js/parking_caf_281_1409192.js | 404 Not Found Content-Length: 571 Content-Type: text/html | clean |
http://www.plansky.net/test404page.js | 404 Not Found Content-Length: 571 Content-Type: text/html | clean |
http://cpro.baidustatic.com/cpro/ui/c.js | 200 OK Content-Length: 84003 Content-Type: application/x-javascript | clean |
http://www.plansky.net/api.php?op=count&id=486&modelid=1 | 200 OK Content-Length: 399 Content-Type: text/html | clean |
http://plansky.net/2013/quyu_1203/464.html | 200 OK Content-Length: 20515 Content-Type: text/html | clean |
http://www.plansky.net/index.php?m=mood&c=index&a=init&id=21-464-1 | HTTP/1.1 200 OK Connection: close Date: Tue, 03 Mar 2015 20:32:10 GMT Server: nginx/1.0.15 Vary: Accept-Encoding Content-Type: text/html X-Powered-By: PHP/5.2.17p1 | clean |
http://www.plansky.net/api.php?op=count&id=464&modelid=1 | 200 OK Content-Length: 399 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plansky.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://plansky.net/
Result: plansky.net is not infected or malware details are not published yet.