See: https://www.virustotal.com/nl/url/f4e08a99b0c6f3caf2a4e7a1a97172d0f551706cc3f35288531653e33adbcf68/analysis/1436732954/
PHISHING site: http://urlquery.net/report.php?id=1436733772218 → http://urlquery.net/report.php?id=1436699351783
See: http://whois.domaintools.com/pfrally.com
bad zone: Could not get name servers for ‘1r09.pfrally.com’. main domain: Error! Invalid domain name.
Badness history: https://cymon.io/domain/pfrally.com
Blocked by Bitdefender’s TrafficLight as part of a phishing attempt.
Website Netcraft Risk Status 1 red out of 10: http://toolbar.netcraft.com/site_report/?url=pFrAlly.com
WOT with 1 red: https://www.mywot.com/en/scorecard/pFrAlly.com Spam
session hijacking attack →
/home;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
/rule/readme;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
/age/readme ;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
/law/readme;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
/policy/readme;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
Read: http://stackoverflow.com/questions/4722151/what-is-the-vulnerability-of-having-jsessionid-on-first-request-only
/join/;jsessionid=25B5A46A20F3AA3EC7EBD6F351F417CE
Mal-link -j0ks.pfrally.com ja-JP language code. Link to -/freefiles/jucd7kyd/ → https://forum.avast.com/?topic=164129.0
See: http://websniffer.inetworktools.com/en/ws-o/pfrally.com/#formSearchTop
Detection ratio 2 http://safe-browsing.inetworktools.com/en/sb-o/pfrally.com/
BitDefender malware site & CRDF malicious site
polonus (volunteer website security analyst and website error-hunter)