Scanned pages/files
Request | Server response | Status |
http://plushandmore.com/ | 200 OK Content-Length: 283 Content-Type: text/html | clean |
http://plushandmore.com/.ftpquota | 200 OK Content-Length: 6 Content-Type: text/plain | clean |
http://plushandmore.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://plushandmore.com/cgi-bin/ | 403 Forbidden Content-Length: 329 Content-Type: text/html | clean |
http://plushandmore.com/x.htm | 200 OK Content-Length: 822 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By LastTouch <html>
<head> <title>Hacked By LastTouch</title> <link REL="SHORTCUT ICON" HREF="https://cdn1.iconfinder.com/data/icons/finalflags/128/Indonesia-Flag.png"> <body bgcolor="white" oncontextmenu="return false;" onkeydown="return false;" onmousedown="return false;"> <center> <img src="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRHrKLw1W5v_pTTuAc9NzdBsn4kS9GYkAuNJZ3Di9uj_8N5Yjceaw" ><br><br> & ...[529 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: plushandmore.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Oct 2014 22:29:23 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 283
Content-Type: text/html;charset=ISO-8859-1
...283 bytes of data.
GET / HTTP/1.1
Host: plushandmore.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 12 Oct 2014 22:29:23 GMT
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Length: 283
Content-Type: text/html;charset=ISO-8859-1
...283 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: plushandmore.com
Referer: http://www.google.com/search?q=plushandmore.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: plushandmore.com
Referer: http://www.google.com/search?q=plushandmore.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plushandmore.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://plushandmore.com/
Result: plushandmore.com is not infected or malware details are not published yet.
Result: plushandmore.com is not infected or malware details are not published yet.