Scanned pages/files
Request | Server response | Status |
http://luralash.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:29 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://www.latisse.com/ | 200 OK Content-Length: 79560 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
var axel = Math.random() + "";
var a = axel * 10000000000000;
document.write('<iframe src="http://fls.doubleclick.net/activityi;src=1092360;type=latiss11;cat=homepage;ord=1;num=' + a + '?" width="1" height="1" frameborder="0" style="display:none"></iframe>');
Antivirus reports:
http://www.latisse.com/js/jquery-1.6.1.js | 200 OK Content-Length: 300808 Content-Type: application/x-javascript | clean |
http://luralash.com/js/initOmniVariables.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:32 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://www.latisse.com/test404page.js | 404 Not Found Content-Length: 103 Content-Type: text/html | clean |
http://luralash.com/js/jquery.cookie.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:32 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/jquery.autocomplete.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:33 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/jquery.json.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:33 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/default.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:33 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/TJK_ToggleDL.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:34 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/shareForm.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:34 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/sessvars.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:34 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/default_animate.js?revision=1.1 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:34 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/pngFix.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:35 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://webassets.allergan.com/scripts/tabs/tabs.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
https://webassets.allergan.com/scripts/jquery.colorbox.min.js | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://luralash.com/../js/shareform.js | 400 Bad Request Content-Length: 0 | clean |
http://luralash.com/WebResource.axd?d=1TtQzk_fP-zgm4PqKnO02Rb8J_4U5XnvO-2DU2QrgSthH6G08nS5BYU2JLtf66VZzg4NyMmKEerIZ5ZiIOj_vc5v35Q1&t=635294806417495136 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:45 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/WebResource.axd?d=jLEmHt7KDMw7l2UYLIfQ07OlkAKJhjHvxRYJrNPIthRcAn0NDx6PGnUxD4j8KoaxuGzmbZs5i3oRZIU6oMs53LskwA41&t=635294806417495136 | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:45 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/s_code.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:46 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
http://luralash.com/js/copyOmniVariables.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 03:33:46 GMT Location: http://www.latisse.com Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: luralash.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Sep 2014 03:33:29 GMT
Location: http://www.latisse.com
Server: Apache-Coyote/1.1
Content-Length: 0
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: luralash.com
Referer: http://www.google.com/search?q=luralash.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=luralash.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://luralash.com/
Result: luralash.com is not infected or malware details are not published yet.