Scanned pages/files
Request | Server response | Status |
http://vanillalife.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 08 Mar 2015 22:39:10 GMT Pragma: no-cache Location: http://www.vanillalife.com/ Server: Microsoft-IIS/7.5 Content-Length: 150 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Refresh: 0;url=http://www.vanillalife.com/ Set-Cookie: PHPSESSID=9gc5tihn556hvn3778d82b2ni6; path=/ X-Lois-Hosting: halcyon X-Pingback: http://www.vanillalife.com/xmlrpc.php X-Powered-By: PHP/5.5.14 X-Powered-By: ASP.NET | clean |
http://www.vanillalife.com/ | 200 OK Content-Length: 78536 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked by Islamic State ...[4838 bytes skipped]... title"); jQuery(this).attr('title',title); }) } // Supported file extensions var thumbnails = jQuery("a:has(img)").not(".nolightbox").filter( function() { return /\.(jpe?g|png|gif|bmp)$/i.test(jQuery(this).attr('href')) }); jQuery("a.fancybox").fancybox({ 'cyclic': false, 'autoScale': false, 'padding': </script><script>document.title = "Hacked by Islamic State";</script><html><head><style>body{background-color: black; color: transparent}</style></head><body><center><h1 style="color: red">Hacked by Islamic State</h1><img src="data:image/jpeg;base64,[embedded image data removed] ...[75450 bytes skipped]... | ||
http://www.vanillalife.com/wp-includes/js/jquery/jquery.js?ver=1.11.1 | 200 OK Content-Length: 95807 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/plugins/fancybox-for-wordpress/fancybox/jquery.fancybox.js?ver=1.3.4 | 200 OK Content-Length: 15667 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/thematiclois/library/scripts/superfish.js?ver=4.1 | 200 OK Content-Length: 2566 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/thematiclois/library/scripts/supersubs.js?ver=4.1 | 200 OK Content-Length: 893 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/thematiclois/js/menus.js?ver=4.1 | 200 OK Content-Length: 1263 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/vanillalife/vanilla.js | 200 OK Content-Length: 19598 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/thematiclois/js/useful.js | 200 OK Content-Length: 7933 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-content/themes/thematiclois/js/lois.js | 200 OK Content-Length: 6636 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-includes/js/comment-reply.min.js?ver=4.1 | 200 OK Content-Length: 757 Content-Type: application/x-javascript | clean |
http://www.vanillalife.com/wp-includes/js/hoverIntent.min.js?ver=r7 | 200 OK Content-Length: 1116 Content-Type: application/x-javascript | clean |
http://vanillalife.com/Clothing | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 08 Mar 2015 22:39:15 GMT Pragma: no-cache Location: http://www.vanillalife.com/Clothing/ Server: Microsoft-IIS/7.5 Content-Length: 159 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Refresh: 0;url=http://www.vanillalife.com/Clothing/ Set-Cookie: PHPSESSID=urk1d5v9lt9eqf2c9o7r9kc8c3; path=/ X-Lois-Hosting: halcyon X-Pingback: http://www.vanillalife.com/xmlrpc.php X-Powered-By: PHP/5.5.14 X-Powered-By: ASP.NET | clean |
http://www.vanillalife.com/clothing/ | 200 OK Content-Length: 79934 Content-Type: text/html | clean |
http://www.vanillalife.com/login/ | 200 OK Content-Length: 96202 Content-Type: text/html | clean |
http://www.vanillalife.com/designers | HTTP/1.1 301 Moved Permanently Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Date: Sun, 08 Mar 2015 22:39:17 GMT Pragma: no-cache Location: http://www.vanillalife.com/designers/ Server: Microsoft-IIS/7.5 Content-Length: 160 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Refresh: 0;url=http://www.vanillalife.com/designers/ Set-Cookie: PHPSESSID=om4495vsqift2orst3lqmpgi26; path=/ X-Lois-Hosting: halcyon X-Pingback: http://www.vanillalife.com/xmlrpc.php X-Powered-By: PHP/5.5.14 X-Powered-By: ASP.NET | clean |
http://www.vanillalife.com/designers/ | 200 OK Content-Length: 76622 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vanillalife.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Sun, 08 Mar 2015 22:39:10 GMT
Pragma: no-cache
Location: http://www.vanillalife.com/
Server: Microsoft-IIS/7.5
Content-Length: 150
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Refresh: 0;url=http://www.vanillalife.com/
Set-Cookie: PHPSESSID=9gc5tihn556hvn3778d82b2ni6; path=/
X-Lois-Hosting: halcyon
X-Pingback: http://www.vanillalife.com/xmlrpc.php
X-Powered-By: PHP/5.5.14
X-Powered-By: ASP.NET
...150 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vanillalife.com
Referer: http://www.google.com/search?q=vanillalife.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vanillalife.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vanillalife.com/
Result: vanillalife.com is not infected or malware details are not published yet.