New scan:

Malware Scanner report for getreadyvalencia.com

Malicious/Suspicious/Total urls checked
0/2/2
2 pages have suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By H3X KH4N  (78 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://getreadyvalencia.com/
200 OK
Content-Length: 15286
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

<!-- Fuck You Mother Fucker -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6C%3D%22%69%63%6F%
...[3565 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/RZB22Z7dNJM&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...

Deface/Content modification. The following signature was found: Hacked By H3X KH4N


<html>
<head>
<title>Hacked By H3X KH4N</title>
<meta content="H3X KH4N Was Here" name="description"/>
<meta content="H3X KH4N" name="keywords"/>
<meta content="Cyb3r Gangst3r J i H" name="Abstract"/>
</head>
<Script Language='Javascript'>
<!-- Fuck You Mother Fucker -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%
...[14915 bytes skipped]...


http://getreadyvalencia.com/test404page.js
200 OK
Content-Length: 15286
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

<!-- Fuck You Mother Fucker -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6C%3D%22%69%63%6F%
...[3565 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/RZB22Z7dNJM&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: getreadyvalencia.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 08 Dec 2015 03:15:29 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 15286
Content-Type: text/html
Last-Modified: Wed, 24 Jun 2015 19:02:15 GMT

...15286 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: getreadyvalencia.com
Referer: http://www.google.com/search?q=getreadyvalencia.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=getreadyvalencia.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://getreadyvalencia.com/

Result: getreadyvalencia.com is not infected or malware details are not published yet.