Scanned pages/files
Request | Server response | Status |
http://www.brandflakesforbreakfast.com/ | 200 OK Content-Length: 81484 Content-Type: text/html | clean |
https://s3.amazonaws.com/brandflakes/jquery-1.3.2.js | 200 OK Content-Length: 57254 Content-Type: application/x-javascript | clean |
https://s3.amazonaws.com/brandflakes/jquery.cookie.js | 200 OK Content-Length: 4246 Content-Type: application/x-javascript | clean |
https://s3.amazonaws.com/brandflakes/menu.js | 200 OK Content-Length: 2350 Content-Type: application/x-javascript | clean |
http://www.smlinux.com/js/bffb.js | 200 OK Content-Length: 1638 Content-Type: application/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 12388 Content-Type: application/javascript | clean |
http://w.sharethis.com/button/sharethis.js | 200 OK Content-Length: 87491 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 100805 Content-Type: application/javascript | clean |
http://www.blogger.com/feeds/11191851/posts/default?alt=json-in-script&callback=listLabels | HTTP/1.1 302 Moved Temporarily Cache-Control: private, max-age=0 Connection: close Date: Fri, 22 Aug 2014 00:05:39 GMT Location: https://www.blogger.com/feeds/11191851/posts/default?alt=json-in-script&callback=listLabels Server: GSE Content-Type: text/html; charset=UTF-8 Expires: Fri, 22 Aug 2014 00:05:39 GMT Alternate-Protocol: 80:quic P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
https://www.blogger.com/feeds/11191851/posts/default?alt=json-in-script&callback=listlabels | 200 OK Content-Length: 106534 Content-Type: text/javascript | clean |
http://adage.com/power150/badge-generate.php?id=47 | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 22 Aug 2014 00:05:41 GMT Location: /article/power-150-blog/powering-power-150/237986/ Server: Apache Vary: Accept-Encoding,User-Agent Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: HMAC=8270B2E433602AE306168E5C0201F84EAF0A5918; path=/ Set-Cookie: HMAC=205A2B69B2D0FE0C306AD1E702C61263C24434F6; path=/ Status: 301 Moved Permanently X-Instart-Request-ID: 10680348366904461537:SEN01-NPPRY08:1408665941:164 | clean |
http://adage.com/article/power-150-blog/powering-power-150/237986/ | 200 OK Content-Length: 102765 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
(function(){var a=document,b=a.createElement("script"),a=a.getElementsByTagName("script")[0];b.type="text/javascript";b.async=!0;b.src="http://s.moatads.com/adagecontent38Ni09a/moatcontent.js";a.parentNode.insertBefore(b,a)})();
Antivirus reports:
http://adage.com//cdn.optimizely.com/js/925388773.js/ | 404 Not Found Content-Length: 68177 Content-Type: text/html | clean |
http://gaia.adage.com/assets/js/libs/modernizr.js?1407991151 | 200 OK Content-Length: 13500 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js | 200 OK Content-Length: 93068 Content-Type: text/javascript | clean |
http://apis.google.com/js/plusone.js | 200 OK Content-Length: 12387 Content-Type: application/javascript | clean |
http://gaia.adage.com/scripts/s_crainsc.js?1407991065 | 200 OK Content-Length: 85737 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: brandflakesforbreakfast.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: brandflakesforbreakfast.com
Referer: http://www.google.com/search?q=brandflakesforbreakfast.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=brandflakesforbreakfast.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://brandflakesforbreakfast.com/
Result: brandflakesforbreakfast.com is not infected or malware details are not published yet.