Malware Scanner report for birmingham365.org

Malicious/Suspicious/Total urls checked: 4/0/32

4 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/9

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://birmingham365.org/	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:46 GMT Location: http://www.birmingham365.org/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 237 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/	200 OK Content-Length: 72592 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day7 +"/none/none/none/none'>7</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day14 +"/none/none/none/none'>14</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day30 +"/none/none/none/none'>30</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.birmingham365.org/js/jquery-1.7.1.min.js	200 OK Content-Length: 93868 Content-Type: application/javascript	clean
http://birmingham365.org/js/jquery-ui-1.8.18.custom.min.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:51 GMT Location: http://www.birmingham365.org/js/jquery-ui-1.8.18.custom.min.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 270 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/jquery-ui-1.8.18.custom.min.js	200 OK Content-Length: 103600 Content-Type: application/javascript	clean
http://birmingham365.org/js/scripts.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:53 GMT Location: http://www.birmingham365.org/js/scripts.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 250 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/scripts.js	200 OK Content-Length: 17576 Content-Type: application/javascript	clean
http://birmingham365.org/js/common.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:54 GMT Location: http://www.birmingham365.org/js/common.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 249 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/common.js	200 OK Content-Length: 22222 Content-Type: application/javascript	clean
http://birmingham365.org/js/fancybox/fancybox/jquery.fancybox-1.3.4.pack.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:55 GMT Location: http://www.birmingham365.org/js/fancybox/fancybox/jquery.fancybox-1.3.4.pack.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 287 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/fancybox/fancybox/jquery.fancybox-1.3.4.pack.js	200 OK Content-Length: 15624 Content-Type: application/javascript	clean
http://birmingham365.org/site/spotlight_box/spotlight.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:56 GMT Location: http://www.birmingham365.org/site/spotlight_box/spotlight.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 268 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/site/spotlight_box/spotlight.js	200 OK Content-Length: 13088 Content-Type: application/javascript	clean
http://birmingham365.org/js/jquery.semantictabs.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:57 GMT Location: http://www.birmingham365.org/js/jquery.semantictabs.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 262 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/jquery.semantictabs.js	200 OK Content-Length: 3458 Content-Type: application/javascript	clean
http://birmingham365.org/js/jquery.qtip.min.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:13:58 GMT Location: http://www.birmingham365.org/js/jquery.qtip.min.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 258 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug	clean
http://www.birmingham365.org/js/jquery.qtip.min.js	200 OK Content-Length: 40069 Content-Type: application/javascript	clean
http://birmingham365.org/js/jquery.corner.src.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:00 GMT Location: http://www.birmingham365.org/js/jquery.corner.src.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 260 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/jquery.corner.src.js	200 OK Content-Length: 40833 Content-Type: application/javascript	clean
http://birmingham365.org/js/roundedno.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:01 GMT Location: http://www.birmingham365.org/js/roundedno.js Server: Apache/2 Vary: Accept-Encoding Content-Length: 252 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/js/roundedno.js	200 OK Content-Length: 21 Content-Type: application/javascript	clean
http://birmingham365.org/user/login	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:02 GMT Location: http://www.birmingham365.org/user/login Server: Apache/2 Vary: Accept-Encoding Content-Length: 247 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/user/login	200 OK Content-Length: 61047 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day7 +"/none/none/none/none'>7</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day14 +"/none/none/none/none'>14</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day30 +"/none/none/none/none'>30</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://platform.twitter.com/widgets.js	200 OK Content-Length: 98240 Content-Type: application/javascript	clean
http://birmingham365.org//connect.facebook.net/en_US/all.js/	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:04 GMT Location: http://www.birmingham365.org/connect.facebook.net/en_US/all.js/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 271 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/connect.facebook.net/en_us/all.js/	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:05 GMT Location: http://www.birmingham365.org/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 116 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3-7+squeeze14	clean
http://www.birmingham365.org/test404page.js	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:05 GMT Location: http://www.birmingham365.org/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 116 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3-7+squeeze14	clean
http://birmingham365.org/index.php/user/login	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:06 GMT Location: http://www.birmingham365.org/index.php/user/login Server: Apache/2 Vary: Accept-Encoding Content-Length: 257 Content-Type: text/html; charset=iso-8859-1 X-Pad: avoid browser bug	clean
http://www.birmingham365.org/index.php/user/login	200 OK Content-Length: 61059 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day7 +"/none/none/none/none'>7</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day14 +"/none/none/none/none'>14</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day30 +"/none/none/none/none'>30</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J
http://www.birmingham365.org//connect.facebook.net/en_US/all.js/	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:08 GMT Location: http://www.birmingham365.org/ Server: Apache/2 Vary: Accept-Encoding Content-Length: 116 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3-7+squeeze14	clean
http://birmingham365.org/categories/index/9/1365/PLACES_MUSEUMS_+_ATTRACTIONS	HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 10 May 2014 22:14:08 GMT Location: http://www.birmingham365.org/categories/index/9/1365/PLACES_MUSEUMS_+_ATTRACTIONS Server: Apache/2 Vary: Accept-Encoding Content-Length: 289 Content-Type: text/html; charset=iso-8859-1	clean
http://www.birmingham365.org/categories/index/9/1365/places_museums_+_attractions	200 OK Content-Length: 208673 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day7 +"/none/none/none/none'>7</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day14 +"/none/none/none/none'>14</a>"); document.write("<a href='/search/results/keyword/1/events/date/up/none/none/none/" + day0 +"/" + day30 +"/none/none/none/none'>30</a>"); Antivirus reports: Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/IframeRef.J

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: birmingham365.org

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 May 2014 22:13:46 GMT
Location: http://www.birmingham365.org/
Server: Apache/2
Vary: Accept-Encoding
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1

...237 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: birmingham365.org
Referer: http://www.google.com/search?q=birmingham365.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=birmingham365.org

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://birmingham365.org/

Result: birmingham365.org is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for birmingham365.org

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools