Flagged: Up(nil): unknown_html ARIN US arin-contact at google.com 173.194.112.234 to 173.194.70.132 blogspot dot com htxp://indian-real-estate-info.blogspot.com/
Most scanners cannot find a thing: http://urlquery.net/report.php?id=1404741260270 &
http://sitecheck.sucuri.net/results/indian-real-estate-info.blogspot.com/ &
http://zulu.zscaler.com/submission/show/22dedc3c9f9e7691857fdac20fc683f6-1404741561
site is Ghosted.
Probably nothing there

<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="htxp://indian-real-estate-info.blogspot.nl/">here</A>.
</BODY>
</HTML>

See: http://www.webutations.info/go/review/indian-real-estate-info.blogspot.nl
Netcraft risk 7 out of 10:
http://toolbar.netcraft.com/site_report?url=http://indian-real-estate-info.blogspot.nl

pol

SE redirection was cleansed from site: http://killmalware.com/gulfoilspill.com/#
Seems site is still infestedL http://sitecheck.sucuri.net/results/www.gulfoilspill.com/
Website malware: https://www.virustotal.com/nl/url/7982b78503ca221f64dda9b92d0ad218ef26bc502c5f74eafb924229d95f9469/analysis/1404905444/
Server redirect:
Code: 301, http://privacy-your.ru/ghost/index.php
Redirect to external server!
Site vulnerable because of outdated CMS:
Web application version:
WordPress version: WordPress 3.6.1
Wordpress version from source: 3.6.1
Wordpress Version 3.6.1 based on: htxp://www.gulfoilspill.com//wp-admin/js/common.js
WordPress theme: htxp://www.gulfoilspill.com/wp-content/themes/typebased/
Wordpress internal path: /homepages/33/d166452742/htdocs/gos/wp-content/themes/typebased/index.php
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 3.9.1

polonus

Suspicious: http://quttera.com/detailed_report/ilmir2000.pochtamt.ru
See: https://www.virustotal.com/nl/url/0b84c3c5f5d37fc1b9e69250e01187fec99cb834eabc35fc6d9015b5416ca70f/analysis/1405090153/
Detected potentially suspicious initialization of function pointer to JavaScript method document.write __tmpvar66556936 = document.write;
Trojans detected:
Object: htxp://ilmir2000.pochtamt.ru/
SHA1: f2bb1297256c79ddb7d814601bde89d660ee68af
Name: TrojWare.JS.Agent.JN
Found to be malicious: http://zulu.zscaler.com/submission/show/ee13a8a399e56c783797337a1b500532-1405090182
iFrame check:Suspicious

Not detected here: https://www.virustotal.com/nl/url/bb19db8ee759ff8bc5ca64fb8f8c655f4c482bb11458377cb255a813b69aa8a5/analysis/
nor here: http://zulu.zscaler.com/submission/show/6bb9f2ffd2b7687d60a3d015922244f9-1405183788
On Comodo’s this is given: Suspicious code detected:
Object: htxp://platform.linkedin.com/js/nonSecureAnonymousFramework?v=0.0.2000-RC8.36912-1414&
SHA1: 0391fb31b30d026f39ca9a426a917784aa5ff926
Name: Suspicious-WI.
Trojans detected:
Object: htxp://pildesopticalnyc.com/
SHA1: 72b3bf7dd943de9528103820ae8e8a103aa1d9e5
Name: TrojWare.JS.TrojanClicker.FbLiker.A
Server redirect Code: 0, Content cannot be read!
Our recommended scanner has all the details: htxp://sitecheck.sucuri.net/results/pildesopticalnyc.com
Known javascript malware. Details: http://labs.sucuri.net/db/malware/spam-seo-injected13?v3

</div><script type='text/javascript'>if(document.getElementById('HiddenDiv') != null){document.getElementById('HiddenDiv').style.visibility = 'hidden';document.getElementById('HiddenDiv').style.display = 'none';}</script>

→ http://labs.sucuri.net/db/malware/spam-seo-injected13?v3
Also detected here: http://killmalware.com/pildesopticalnyc.com/ 4 malicious pages. avast! detects as AvastJS:Clickjack-AI [Trj],
so we are being protected.
Badness history: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=50.63.221.1

pol