New scan:

Malware Scanner report for isspiss.is

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

-=: Hacked By le4derofh4cklD :=-  (14 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://isspiss.is/
200 OK
Content-Length: 61605
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

window.scrollBy(0,0)
window.resizeTo(0,0)
window.moveTo(0,0)
setTimeout("move()", 1);
var mxm=100000
var mym=100000
var mx=100000
var my=100000
var sv=70
var status=1
var szx=0
var szy=0
var c=25
var n=0
var sm=10
var cycle=2
var done=2
function move()
{
if (status == 1)
{
mxm=mxm/1.01
mym=mym/1.01
mx=mx+mxm
my=my-mym
mxm=mxm+(500-mx)/5
mym=mym-(400-my)/5
window.moveTo(mx,my)
rmxm=Math
... 847 bytes are skipped ...
status=4}
}
}
}
if (status == 6)
{
document.title = "Cljck"
alert("Cljck")
cycle=2
status=4
done=1
}
if (status == 7)
{
c=c+4
document.bgColor=c*65536
document.fgColor=(255-c)*65536
if (c > 128)
{status=8}
}
if (status == 8)
{
window.moveTo(0,0)
sx=screen.availWidth
sy=screen.availHeight
window.resizeTo(sx,sy)
status=9
}
var timer=setTimeout("move()",0)
}</p>
<p>

Antivirus reports:

NANO-Antivirus
Trojan.Script.StartPage.fakt

Deface/Content modification. The following signature was found: -=: Hacked By le4derofh4cklD :=-

...[11422 bytes skipped]...
note{padding: 25px 0px 0px 0px;}
</style>
<p><![endif]--><br />
</head><br />
<body oncontextmenu="return false"></p>
<p><script language="JavaScript"></p>
<p>function tb5_makeArray(n){
this.length = n;
return this.length;
}</p>
<p>tb5_messages = new tb5_makeArray(2);
tb5_messages[0] = "-=: Hacked By le4derofh4cklD :=-";
tb5_messages[1] = "-=: Hacked By le4derofh4cklD :=-";
tb5_rptType = 'infinite';
tb5_rptNbr = 10;
tb5_speed = 50;
tb5_delay = 2000;
var tb5_counter=1;
var tb5_currMsg=0;
var tb5_stsmsg="";
function tb5_shuffle(arr){
var k;
for (i=0; i<arr.length; i++){
k = Math.round(Math.random() * (arr.length - i - 1)) + i;
temp = arr[i];arr[i]=arr[k];arr[k]=temp;
}
return arr;
}
tb5_arr = new tb5_makeArray(tb5
...[60968 bytes skipped]...


http://isspiss.is/wp-content/themes/i3theme-1-2/dbx.js
200 OK
Content-Length: 19088
Content-Type: application/javascript
clean
http://isspiss.is/wp-content/themes/i3theme-1-2/dbx-key.js
200 OK
Content-Length: 2619
Content-Type: application/javascript
clean
http://isspiss.is/?cat=20
200 OK
Content-Length: 34921
Content-Type: text/html
clean
http://isspiss.is/?cat=21
200 OK
Content-Length: 14468
Content-Type: text/html
clean
http://isspiss.is/?cat=23
200 OK
Content-Length: 30341
Content-Type: text/html
clean
http://isspiss.is/?cat=25
200 OK
Content-Length: 21777
Content-Type: text/html
clean
http://isspiss.is/?cat=7
200 OK
Content-Length: 75119
Content-Type: text/html
clean
http://isspiss.is/?cat=9
200 OK
Content-Length: 12982
Content-Type: text/html
clean
http://isspiss.is/?cat=15
200 OK
Content-Length: 11922
Content-Type: text/html
clean
http://isspiss.is/?cat=11
200 OK
Content-Length: 22165
Content-Type: text/html
clean
http://isspiss.is/wp-content/plugins/altpwa/lb-js/prototype.js
200 OK
Content-Length: 126132
Content-Type: application/javascript
clean
http://isspiss.is/wp-content/plugins/altpwa/lb-js/scriptaculous.js?load=effects,builder
200 OK
Content-Length: 2654
Content-Type: application/javascript
clean
http://isspiss.is/wp-content/plugins/altpwa/lb-js/lightbox.js
200 OK
Content-Length: 18984
Content-Type: application/javascript
clean
http://isspiss.is/?cat=12
200 OK
Content-Length: 14414
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: isspiss.is

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 21 Sep 2014 21:09:26 GMT
Server: Apache/2.2.26 (FreeBSD) PHP/5.4.26 SVN/1.8.8 mod_ssl/2.2.26 OpenSSL/1.0.1f DAV/2
Content-Type: text/html; charset=UTF-8
X-Pingback: http://isspiss.is/xmlrpc.php
X-Powered-By: PHP/5.4.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: isspiss.is
Referer: http://www.google.com/search?q=isspiss.is

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=isspiss.is

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://isspiss.is/

Result: isspiss.is is not infected or malware details are not published yet.