New scan:

Malware Scanner report for cafebalsamar.com

Malicious/Suspicious/Total urls checked
0/0/10
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By D3C0D3D D3M0N  (33 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://cafebalsamar.com/
200 OK
Content-Length: 14184
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Hacked By D3C0D3D D3M0N

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<link
href="http://i.imgur.com/kjda9Iz.jpg" rel="icon">
<title>Hacked By D3C0D3D D3M0N</title>
<meta name="Generator" content="Hacked By D3C0D3D D3M0N">
<meta name="Author" content="Hacked By D3C0D3D D3M0N">
<meta name="Keywords" content="D3C0D3D D3M0N">
<meta name="Description" content="D3C0D3D D3M0N">
<link rel="SHORTCUT ICON" href="http://i.imgur.com/MBLiHL0.jpg">
<SCRIPT language='JavaScript'>alert("Hacked By D3C0D3D D3M0N") ;</SCRIPT
...[15711 bytes skipped]...


http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
200 OK
Content-Length: 72174
Content-Type: text/javascript
clean
http://jqueryrotate.googlecode.com/svn/trunk/jQueryRotate.js
401 Authorization Required
Content-Length: 401
Content-Type: text/html
clean
http://jqueryrotate.googlecode.com/test404page.js
404 Not Found
Content-Length: 1575
Content-Type: text/html
clean
http://jqueryrotate.googlecode.com//www.google.com/
404 Not Found
Content-Length: 1561
Content-Type: text/html
clean
http://www.zigu.wen.ru/js/rotate3D.js
404 Not Found
Content-Length: 1556
Content-Type: text/html
clean
http://js.buzzcity.net/bcads.js
200 OK
Content-Length: 14685
Content-Type: application/x-javascript
clean
http://otowebsite.googlecode.com/files/Getar.js.txt
200 OK
Content-Length: 739
Content-Type: text/plain
clean
http://goo.gl/ijGD6
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Mon, 12 Oct 2015 19:00:30 GMT
Pragma: no-cache
Accept-Ranges: none
Location: http://peterjepimarsblog.googlecode.com/files/mousegetar.js
Server: GSE
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
clean
http://peterjepimarsblog.googlecode.com/files/mousegetar.js
200 OK
Content-Length: 6974
Content-Type: text/plain
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: cafebalsamar.com

Result:
HTTP/1.1 200 OK
Date: Mon, 12 Oct 2015 19:00:25 GMT
Accept-Ranges: bytes
ETag: "ff5384e9364bd01:0"
Server: Microsoft-IIS/7.5
Content-Length: 14184
Content-Type: text/html
Last-Modified: Wed, 18 Feb 2015 04:54:01 GMT
X-Powered-By: ASP.NET

...14184 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cafebalsamar.com
Referer: http://www.google.com/search?q=cafebalsamar.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=cafebalsamar.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cafebalsamar.com/

Result: cafebalsamar.com is not infected or malware details are not published yet.