New scan:

Malware Scanner report for daytonaautohi.com

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By Brwa-yk  (5 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://daytonaautohi.com/
200 OK
Content-Length: 14342
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: Hacked By Brwa-yk

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<meta name='keywords' http-equiv='content-type' content='Hacked By Brwa-yk' />
<meta name='description' http-equiv='content-type' content='Hacked By Brwa-yk' />
<title>Hacked By Brwa-yk</title>
<link href="css/style.css" rel="stylesheet" type="text/css" />
<link href="public/css.css" rel="stylesheet" type="text/css" />
</head>
<body topmargin="0" bottommargin="0">
<div id="main" style="margin-top:-15px;">
<div id="apDi
...[17347 bytes skipped]...


http://www.statcounter.com/counter/counter.js
200 OK
Content-Length: 21400
Content-Type: application/x-javascript
clean
http://daytonaautohi.com/index.php
200 OK
Content-Length: 14342
Content-Type: text/html
clean
http://daytonaautohi.com/car.php
200 OK
Content-Length: 29049
Content-Type: text/html
clean
http://daytonaautohi.com/about.php?action=hr
200 OK
Content-Length: 5694
Content-Type: text/html
clean
http://daytonaautohi.com/about.php?action=contact
200 OK
Content-Length: 3998
Content-Type: text/html
clean
http://daytonaautohi.com/staff.php
200 OK
Content-Length: 5663
Content-Type: text/html
clean
http://daytonaautohi.com/service.php
200 OK
Content-Length: 10199
Content-Type: text/html
clean
http://daytonaautohi.com/loan.php
200 OK
Content-Length: 7533
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

<!--
function CarLoanCalculator()
{
form = document.myform
LoanAmount= form.LoanAmount.value

DownPayment= "0"
AnnualInterestRate = form.InterestRate.value/100
Years= form.NumberOfYears.value
MonthRate=AnnualInterestRate/12
NumPayments=Years*12
Prin=LoanAmount-DownPayment

MonthPayment=Math.floor((Prin*MonthRate)/(1-Math.pow((1+MonthRate),(-1*NumPayments)))*100)/100
form.MonthlyPayment.value=MonthPayment
}

Antivirus reports:

Emsisoft
Win32.Worm.Downadup.Gen (B)

http://daytonaautohi.com/about.php?action=server
200 OK
Content-Length: 9262
Content-Type: text/html
clean
http://daytonaautohi.com/test404page.js
404 Not Found
Content-Length: 2693
Content-Type: text/html
clean
http://daytonaautohi.com/car.php?leibie=34
200 OK
Content-Length: 6429
Content-Type: text/html
clean
http://daytonaautohi.com/car_show.php?id=248
200 OK
Content-Length: 9131
Content-Type: text/html
clean
http://daytonaautohi.com/Photos.php?id=248
200 OK
Content-Length: 3661
Content-Type: text/html
clean
http://daytonaautohi.com/js/FancyZoom.js
200 OK
Content-Length: 23027
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: daytonaautohi.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 20 Jul 2015 14:47:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: daytonaautohi.com
Referer: http://www.google.com/search?q=daytonaautohi.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=daytonaautohi.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://daytonaautohi.com/

Result: daytonaautohi.com is not infected or malware details are not published yet.