Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=jethro-tull.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.jethro-tull.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 09 Jan 2015 20:21:23 GMT Location: http://jethrotull.com/ Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 Content-Length: 390 Content-Type: text/html; charset=iso-8859-1 | clean |
http://jethrotull.com/ | 200 OK Content-Length: 74806 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var axel = Math.random() + ""; var a = axel * 10000000000000; document.write('<iframe src="http://4222252.fls.doubleclick.net/activityi;src=4222252;type=homep381;cat=jethr0;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>'); Antivirus reports:
Hidden iFrame found. size: 1x1 style: hidden src: http://4222252.fls.doubleclick.net/activityi;src=4222252;type=homep381;cat=jethr0;ord=1? <iframe src="http://4222252.fls.doubleclick.net/activityi;src=4222252;type=homep381;cat=jethr0;ord=1?" width="1" height="1" frameborder="0" style="display:none"> Hidden iFrame found. size: 1x1 style: hidden src: http://4222252.fls.doubleclick.net/activityi;src=4222252;type=homep381;cat=jethr0;ord= <iframe src="http://4222252.fls.doubleclick.net/activityi;src=4222252;type=homep381;cat=jethr0;ord=' + a + '?" width="1" height="1" frameborder="0" style="display:none"> | ||
http://jethrotull.com//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Fri, 09 Jan 2015 20:21:24 GMT Pragma: no-cache Location: http://jethrotull.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.3.17 | clean |
http://jethrotull.com/ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js/ | 404 Not Found Content-Length: 46178 Content-Type: text/html | clean |
http://jethrotull.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/plugins/gigpress/scripts/gigpress.js?ver=4.1 | 200 OK Content-Length: 476 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=4.1 | 200 OK Content-Length: 17128 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.1 | 200 OK Content-Length: 56013 Content-Type: application/javascript | clean |
http://widget.live365.com/widget/js/widget.js | 200 OK Content-Length: 21112 Content-Type: text/javascript | clean |
http://jethrotull.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05 | 200 OK Content-Length: 16305 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8.1 | 200 OK Content-Length: 9630 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/includes/page-builder/assets/js_composer_front.js?ver=4.1 | 200 OK Content-Length: 11708 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/includes/plugins/love-it-pro/includes/js/love-it.js | 200 OK Content-Length: 1030 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/includes/plugins/love-it-pro/includes/js/jquery.cookie.js | 200 OK Content-Length: 1535 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/js/bootstrap.min.js | 200 OK Content-Length: 31596 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/js/jquery.hoverIntent.min.js | 200 OK Content-Length: 1464 Content-Type: application/javascript | clean |
http://jethrotull.com/wp-content/themes/flexform/js/jquery.easing.1.3.js | 200 OK Content-Length: 8301 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jethro-tull.com
Result:
GET / HTTP/1.1
Host: jethro-tull.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: jethro-tull.com
Referer: http://www.google.com/search?q=jethro-tull.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jethro-tull.com
Referer: http://www.google.com/search?q=jethro-tull.com
Result:
The result is similar to the first query. There are no suspicious redirects found.