Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://www.plustax.pl/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: www.plustax.pl Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Fri, 13 Jun 2014 17:54:18 GMT Location: http://anorkplim.tfgjustsayin.net/b/ss/biskvillanova,biskglobal/1/H.20.3/s92090527969294?AQB=1&ndh=1&t=10/6/2012%2010:29:8%202%20-420&ce=ISO-8859-1&ns=biskeducation&pageName=/translate_c&g=http%3A%2F%2Fwww.plustax.pl%2F&cc=USD&c11=/translate_c:LeadSystem:%28No%20Data%20Entered%29&v16=barge&s=800x600&c=24&j=1.7&v=N&k=Y&bw=800&bh=344&p=Java%20Deployment%20Toolkit%206.0.210.7%3BShockwave%20Flash%3BAdobe%20Acrobat%3BWindows%20Media%20Player%20Plug-in%20Dynamic%20Link%20Library%3B2007%20Microsoft%20Office%20system%3BMicrosoft%u00AE%20DRM%3B&pe=lnk_o&pev1=http%3A%2F%2Fwww.plustax.pl%2F&pev2=Form%20Analysis&AQE=1 Server: Apache/2 Content-Length: 881 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: NoV=18; path=/; domain=www.plustax.pl; expires=Fri, 20-Jun-2014 23:20:18 GMT | suspicious |
URL: http://anorkplim.tfgjustsayin.net/b/ss/biskvillanova,biskglobal/1/H.20.3/s92090527969294?AQB=1&ndh=1&t=10/6/2012%2010:29:8%202%20-420&ce=ISO-8859-1&ns=biskeducation&pageName=/translate_c&g=http%3A%2F%2Fwww.plustax.pl%2F&cc=USD&c11=/translate_c:LeadSystem:%28No%20Data%20Entered%29&v16=barge&s=800x600&c=24&j=1.7&v=N&k=Y&bw=800&bh=344&p=Java%20Deployment%20Toolkit%206.0.210.7%3BShockwave%20Flash%3BAdobe%20Acrobat%3BWindows%20Media%20Player%20Plug-in%20Dynamic%20Link%20Library%3B2007%20Microsoft%20Office%20system%3BMicrosoft%u00AE%20DRM%3B&pe=lnk_o&pev1=http%3A%2F%2Fwww.plustax.pl%2F&pev2=Form%20Analysis&AQE=1 (imitation of visitor from search engine) GET /b/ss/biskvillanova,biskglobal/1/H.20.3/s92090527969294?AQB=1&ndh=1&t=10/6/2012%2010:29:8%202%20-420&ce=ISO-8859-1&ns=biskeducation&pageName=/translate_c&g=http%3A%2F%2Fwww.plustax.pl%2F&cc=USD&c11=/translate_c:LeadSystem:%28No%20Data%20Entered%29&v16=barge&s=800x600&c=24&j=1.7&v=N&k=Y&bw=800&bh=344&p=Java%20Deployment%20Toolkit%206.0.210.7%3BShockwave%20Flash%3BAdobe%20Acrobat%3BWindows%20Media%20Player%20Plug-in%20Dynamic%20Link%20Library%3B2007%20Microsoft%20Office%20system%3BMicrosoft%u00AE%20DRM%3B&pe=lnk_o&pev1=http%3A%2F%2Fwww.plustax.pl%2F&pev2=Form%20Analysis&AQE=1 HTTP/1.1 Host: anorkplim.tfgjustsayin.net Referer: http://www.google.com/search?q=redirect+check2 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 13 Jun 2014 17:54:18 GMT Location: http://www.google.com/ Server: nginx/1.1.4 Content-Length: 160 Content-Type: text/html | suspicious |
Scanned pages/files
Request | Server response | Status |
http://www.plustax.pl/ | 200 OK Content-Length: 9808 Content-Type: text/html | clean |
http://www.plustax.pl/js/prototype.js | 404 Not Found Content-Length: 2161 Content-Type: text/html | clean |
http://www.plustax.pl/test404page.js | 404 Not Found Content-Length: 2159 Content-Type: text/html | clean |
http://www.plustax.pl/js/scriptaculous.js?load=effects,builder | 200 OK Content-Length: 2933 Content-Type: application/javascript | clean |
http://www.plustax.pl/js/lightbox.js | 200 OK Content-Length: 18513 Content-Type: application/javascript | clean |
http://adstat.4u.pl/s.js?plustax | 200 OK Content-Length: 458 Content-Type: application/x-javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=plustax.pl
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://plustax.pl/
Result: plustax.pl is not infected or malware details are not published yet.
Result: plustax.pl is not infected or malware details are not published yet.