New scan:

Malware Scanner report for huyhm.com

Malicious/Suspicious/Total urls checked
4/0/19
4 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

HACKED BY GIDEONSNAZZY DA NET_TERROR  (54 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://huyhm.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 17 Apr 2015 07:29:21 GMT
Location: http://www.huyhm.com/
Server: Apache
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1
clean
http://www.huyhm.com/
200 OK
Content-Length: 2018
Content-Type: text/html
suspicious
Deface/Content modification. The following signature was found: HACKED BY GIDEONSNAZZY DA NET_TERROR

<html>
<head>
<title>HACKED BY GIDEONSNAZZY DA NET_TERROR</title>
</head>
<body bgcolor="black">
<center><font color="red" face="Segoe UI"><b><h1> H4ck3d By ***N3t_T3rr0r***<br>ADMINS PLEASE 4GIVE ME.....NO FILE WAS COMPROMISED</center><font></b></h1>
<center><img src="http://3.bp.blogspot.com/-PlP3Qe7iX1c/US4rMjJG_2I/AAAAAAAAAHY/wTHNzUyx26c/s320/Website+Hacking.jpg"></center&
...[2046 bytes skipped]...


http://stats.hosting24.com/count.php
200 OK
Content-Length: 1251
Content-Type: application/javascript
clean
http://huyhm.com/test404page.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 17 Apr 2015 07:29:23 GMT
Location: http://www.huyhm.com/test404page.js
Server: Apache
Content-Length: 243
Content-Type: text/html; charset=iso-8859-1
clean
http://www.huyhm.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Fri, 17 Apr 2015 07:29:24 GMT
Location: http://www.godaddy.com/error.php
Server: Apache
Content-Length: 216
Content-Type: text/html; charset=iso-8859-1
clean
http://www.godaddy.com/error.php
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Date: Fri, 17 Apr 2015 07:29:24 GMT
Pragma: no-cache
Location: https://www.godaddy.com/error.php
Server: Microsoft-IIS/7.5
Content-Length: 150
Expires: 0
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND"
clean
https://www.godaddy.com/error.php
404 Not Found
Content-Length: 201734
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _gaDataLayer = _gaDataLayer || [];
_gaDataLayer.push({ 'shopperId': '' });
_gaDataLayer.push({ 'privateLabelId': '1' });
_gaDataLayer.push({ 'isc': '' });
_gaDataLayer.push({ 'server': 'M1PWCORPWEB138' });
_gaDataLayer.push({ 'segmentId': '0' });
var _gaq = _gaq || [];
_gaq.push(['_setDomainName', 'godaddy.com']);

Antivirus reports:

Emsisoft
Win32.Parite.B (B)

https://www.godaddy.com//img1.wsimg.com/ux/1.3.1-brand/js/uxcore.en.min.js/
404 Not Found
Content-Length: 205230
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _gaDataLayer = _gaDataLayer || [];
_gaDataLayer.push({ 'shopperId': '' });
_gaDataLayer.push({ 'privateLabelId': '1' });
_gaDataLayer.push({ 'isc': '' });
_gaDataLayer.push({ 'server': 'M1PWCORPWEB136' });
_gaDataLayer.push({ 'segmentId': '0' });
var _gaq = _gaq || [];
_gaq.push(['_setDomainName', 'godaddy.com']);

Antivirus reports:

Emsisoft
Win32.Parite.B (B)

https://www.godaddy.com//img1.wsimg.com/ux/eldorado/1.4.10/js/salesheader.min.js/
404 Not Found
Content-Length: 205742
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _gaDataLayer = _gaDataLayer || [];
_gaDataLayer.push({ 'shopperId': '' });
_gaDataLayer.push({ 'privateLabelId': '1' });
_gaDataLayer.push({ 'isc': '' });
_gaDataLayer.push({ 'server': 'M1PWCORPWEB138' });
_gaDataLayer.push({ 'segmentId': '0' });
var _gaq = _gaq || [];
_gaq.push(['_setDomainName', 'godaddy.com']);

Antivirus reports:

Emsisoft
Win32.Parite.B (B)

https://img1.wsimg.com/fos/hp/rebrand/js/bigtext.min.js
200 OK
Content-Length: 4163
Content-Type: application/x-javascript
clean
https://img1.wsimg.com/starfield/fos.share/v1.3/fos.share-20140505.min.js
200 OK
Content-Length: 17878
Content-Type: application/x-javascript
clean
https://www.godaddy.com/es
200 OK
Content-Length: 116507
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _gaDataLayer = _gaDataLayer || [];
_gaDataLayer.push({ 'shopperId': '' });
_gaDataLayer.push({ 'privateLabelId': '1' });
_gaDataLayer.push({ 'isc': '' });
_gaDataLayer.push({ 'server': 'M1PWCORPWEB136' });
_gaDataLayer.push({ 'segmentId': '0' });
var _gaq = _gaq || [];
_gaq.push(['_setDomainName', 'godaddy.com']);

Antivirus reports:

Emsisoft
Win32.Parite.B (B)

https://img1.wsimg.com/shared/js/1.8.0/global.20120918.min.js
200 OK
Content-Length: 92807
Content-Type: application/x-javascript
clean
https://img1.wsimg.com//pc/js/1/gd_cds_2014v1_js_20150121.min.js/
404 Not Found
Content-Length: 1245
Content-Type: text/html
clean
http://img1.wsimg.com/test404page.js
404 Not Found
Content-Length: 1245
Content-Type: text/html
clean
https://img1.wsimg.com/fos/script/sales17.min.js
200 OK
Content-Length: 18367
Content-Type: application/x-javascript
clean
https://img1.wsimg.com/fos/hp/rebrand/js/homepage_script_20140410.min.js
200 OK
Content-Length: 9477
Content-Type: application/x-javascript
clean
https://img1.wsimg.com/fos/script/atlantis_jquery14.min.js
200 OK
Content-Length: 57553
Content-Type: application/x-javascript
clean
https://img1.wsimg.com/shared/js/jquery.plugins.min.20111019.js
200 OK
Content-Length: 41309
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: huyhm.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 17 Apr 2015 07:29:21 GMT
Location: http://www.huyhm.com/
Server: Apache
Content-Length: 229
Content-Type: text/html; charset=iso-8859-1

...229 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: huyhm.com
Referer: http://www.google.com/search?q=huyhm.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=huyhm.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://huyhm.com/

Result: huyhm.com is not infected or malware details are not published yet.