New scan:

Malware Scanner report for thegrandparentplace.com

Malicious/Suspicious/Total urls checked
0/0/12
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By ./FaaChan11  (18 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://thegrandparentplace.com/
200 OK
Content-Length: 10698
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Hacked By ./FaaChan11

<HTML>
<script src="http://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js" type="text/javascript"></script>
<style type="text/css"> body{cursor: url("http://i186.photobucket.com/albums/x100/amoebios_4m/nexuiz_default_cursor_1c.png"), auto;} </style></a>
<html><head><title>Hacked By ./FaaChan11</title>
<script language="JavaScript">
var numraindrops="150";
var speed="10";
var rainsize="2";
var wind="left";
var genxgallery="";

function tb5_makeArray(n){ this.length = n; return this.length;
}
tb5_messages = new tb5_makeArray(2);
tb5_messages[0] = " [+] Hacked by ./FaaChan11 [+] ";
tb5_messages[1] = " [+] Indonesia Cyber Attacker [+] ";
tb5_rpt
...[12240 bytes skipped]...


http://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js
HTTP/1.1 302 Moved Temporarily
Cache-Control: private, max-age=0
Connection: close
Date: Tue, 23 Sep 2014 16:12:35 GMT
Location: https://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Tue, 23 Sep 2014 16:12:35 GMT
Alternate-Protocol: 80:quic,p=0.002
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
clean
https://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Tue, 23 Sep 2014 16:12:35 GMT
Pragma: no-cache
ETag: "1263019567512"
Location: https://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attredirects=0
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Last-Modified: Sat, 09 Jan 2010 06:46:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: noarchive
X-XSS-Protection: 1; mode=block
clean
https://sites.google.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attredirects=0
HTTP/1.1 302 Moved Temporarily
Cache-Control: private, max-age=0
Connection: close
Date: Tue, 23 Sep 2014 16:12:35 GMT
Location: https://16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attachauth=ANoY7cpJ5WuO1CFdMU_iRcfiMWO7oRIkrCZnYGGCfhtsRF0wVuYC5hQ_FLZmarltXVk58yH_DWADC8FHwW-6cHqLAJ-6kqq10NNWR4Ls8FzivjV723lh58OdkKkmwSRkvJaa9WziVMaWeDEONEEBlovs9HMzYp5nmdy95Y9X5dhxc8ERPW8bKuYxVu-EtKX-wNbfC6I5FCYRGTWimlY8TYjHzHAd1FUpmXfs-vKpCp33yaNFxwCnGio%3D&attredirects=0
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Tue, 23 Sep 2014 16:12:35 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
clean
https://16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attachauth=anoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5fcyrgtwimly8tyjhzhad1fupmxfs-vkpcp33yanfxwcngio%3d&attredirects=0
HTTP/1.1 302 Moved Temporarily
Cache-Control: private, max-age=0
Connection: close
Date: Tue, 23 Sep 2014 16:12:36 GMT
Location: https://www.google.com/a/UniversalLogin?service=jotspot&passive=1209600&continue=https://16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attachauth%3Danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5fcyrgtwimly8tyjhzhad1fupmxfs-vkpcp33yanfxwcngio%253D%26attredirects%3D0&followup=https://16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attachauth%3Danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5fcyrgtwimly8tyjhzhad1fupmxfs-vkpcp33yanfxwcngio%253D%26attredirects%3D0
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Tue, 23 Sep 2014 16:12:36 GMT
Alternate-Protocol: 443:quic,p=0.002
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
clean
https://www.google.com/a/universallogin?service=jotspot&passive=1209600&continue=https://16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com/site/amatullah83/js-indahnyaberbagi/bintang.hijau.js?attachauth%3danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5 <span>...471 symbols skipped</span>
HTTP/1.1 301 Moved Permanently
Cache-Control: private, max-age=0
Connection: close
Date: Tue, 23 Sep 2014 16:12:36 GMT
Location: /a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3A%2F%2F16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Famatullah83%2Fjs-indahnyaberbagi%2Fbintang.hijau.js%3Fattachauth%3Danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5fcyrgtwimly8tyjhzhad1fupmxfs-vkpcp33yanfxwcngio%253d%26attredirects%3D0&followup=https%3A%2F%2F16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com%2Fsite%2Famatullah83%2Fjs-indahnyaberbagi%2Fbintang.hijau.js%3Fattachauth%3Danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erpw8bkuyxvu-etkx-wnbfc6i5fcyrgtwimly8tyjhzhad1fupmxfs-vkpcp33yanfxwcngio%253d%26attredirects%3D0
Server: GSE
Content-Length: 1082
Content-Type: text/html; charset=UTF-8
Expires: Tue, 23 Sep 2014 16:12:36 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
clean
https://www.google.com/a/cpanel/universallogin?service=jotspot&passive=1209600&continue=https%3a%2f%2f16a4b2f4-a-62cb3a1a-s-sites.googlegroups.com%2fsite%2famatullah83%2fjs-indahnyaberbagi%2fbintang.hijau.js%3fattachauth%3danoy7cpj5wuo1cfdmu_ircfimwo7orikrcznyggcfhtsrf0wvuyc5hq_flzmarltxvk58yh_dwadc8fhww-6chqlaj-6kqq10nnwr4ls8fzivjv723lh58odkkkmwsrkvjaa9wzivmawedeoneeblovs9hmzyp5nmdy95y9x5dhxc8erp <span>...510 symbols skipped</span>
404 Not Found
Content-Length: 141
Content-Type: text/html
clean
http://www.google.com/test404page.js
404 Not Found
Content-Length: 1439
Content-Type: text/html
clean
http://www.google.com//www.google.com/
404 Not Found
Content-Length: 1440
Content-Type: text/html
clean
http://hbhost.googlecode.com/files/snow.js
404 Not Found
Content-Length: 1438
Content-Type: text/html
clean
http://hbhost.googlecode.com//www.google.com/
404 Not Found
Content-Length: 1425
Content-Type: text/html
clean
http://thegrandparentplace.com//www.google.com/
404 Not Found
Content-Length: 530
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: thegrandparentplace.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Tue, 23 Sep 2014 16:12:33 GMT
Pragma: no-cache
Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/0.9.8e-fips-rhel5 DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 105d8da8714d9f6e20fa3b4d2292eb8a=deebc30769fd642c50c06121c4fdb8b7; path=/
X-Powered-By: PHP/5.3.10
Second query (visit from search engine):
GET / HTTP/1.1
Host: thegrandparentplace.com
Referer: http://www.google.com/search?q=thegrandparentplace.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=thegrandparentplace.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thegrandparentplace.com/

Result: thegrandparentplace.com is not infected or malware details are not published yet.