New scan:

Malware Scanner report for manualidadesnavidenas.net

Malicious/Suspicious/Total urls checked
0/5/16
5 pages have suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/14
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked By H3X KH4N  (78 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://manualidadesnavidenas.net/
200 OK
Content-Length: 132532
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6
...[3569 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...

Deface/Content modification. The following signature was found: Hacked By H3X KH4N



<html>
<head>
<title>Hacked By H3X KH4N</title>

<meta content="H3X KH4N Was Here" name="description"/>
<meta content="H3X KH4N" name="keywords"/>
<meta content="Cyb3r Gangst3r J i H" name="Abstract"/>
</head>
<Script Language='Javascript'>
<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%6
...[151927 bytes skipped]...


http://manualidadesnavidenas.net/wp-includes/js/jquery/jquery.js?ver=1.11.2
200 OK
Content-Length: 95952
Content-Type: application/javascript
clean
http://manualidadesnavidenas.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://manualidadesnavidenas.net/wp-content/themes/suffusion/scripts/jquery.bgiframe.min.js?ver=1.0
200 OK
Content-Length: 1517
Content-Type: application/javascript
clean
http://manualidadesnavidenas.net/wp-content/themes/suffusion/scripts/suffusion.js?ver=1.0
200 OK
Content-Length: 4811
Content-Type: application/javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 27376
Content-Type: text/javascript
clean
http://www.google.com/afsonline/show_afs_search.js
200 OK
Content-Length: 3366
Content-Type: text/javascript
clean
http://www.google.es/coop/cse/brand?form=cse-search-box&lang=es
HTTP/1.1 302 Found
Cache-Control: private
Connection: close
Date: Sun, 20 Dec 2015 02:47:39 GMT
Location: https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=es
Server: sffe
Content-Length: 265
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
clean
https://cse.google.es/coop/cse/brand?form=cse-search-box&lang=es
200 OK
Content-Length: 2499
Content-Type: text/javascript
clean
http://platform.twitter.com/widgets.js
200 OK
Content-Length: 87641
Content-Type: application/javascript
clean
https://apis.google.com/js/plusone.js
200 OK
Content-Length: 13354
Content-Type: application/javascript
clean
http://manualidadesnavidenas.net/2013/09/como-hacer-adornos-navidenos-caseros-2.html
200 OK
Content-Length: 83224
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6
...[3569 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...

http://manualidadesnavidenas.net/wp-includes/js/comment-reply.min.js?ver=4.2.2
200 OK
Content-Length: 757
Content-Type: application/javascript
clean
http://manualidadesnavidenas.net/2013/09/angeles-navidenos-para-colgar.html
200 OK
Content-Length: 83465
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6
...[3569 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...

http://manualidadesnavidenas.net/2013/08/como-hacer-duendes-de-navidad.html
200 OK
Content-Length: 86937
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6
...[3569 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...

http://manualidadesnavidenas.net/2013/08/como-hacer-angeles-de-navidad-vestidos.html
200 OK
Content-Length: 85824
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.


<!-- HTML Encrypt By DarK-Mirror.org -->
<!--
document.write(unescape('%3C%68%74%6D%6C%3E%0A%3C%68%65%61%64%3E%0A%3C%74%69%74%6C%65%3E%48%61%63%6B%65%64%20%42%79%20%48%33%58%20%4B%48%34%4E%3C%2F%74%69%74%6C%65%3E%0A%0A%3C%6C%69%6E%6B%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%73%31%2E%64%69%72%65%63%74%75%70%6C%6F%61%64%2E%6E%65%74%2F%69%6D%61%67%65%73%2F%31%33%30%38%33%31%2F%32%78%6C%77%6E%6F%38%6D%2E%70%6E%67%22%20%72%65%6
...[3569 bytes skipped]...

Decoded script:

...[3425 bytes skipped]...
99;position:fixed;right:-250px;top:40%;}.facebookbox div{border:none;position:relative;display:block;}.facebookbox span{bottom:12px;font:8px"lucida grande",tahoma,verdana,arial,sans-serif;position:absolute;right:6px;text-align:right;z-index:99999;}.facebookbox span a{color:#808080;text-decoration:none;}.facebookbox span a:hover{text-decoration:underline;}</style></head><body bgcolor="Black"><div class="facebookbox"><iframe scrolling="no" frameborder="0" style="border: medium none; overflow: hidden; height: 270px; width: 245px;background:#fff;" src="http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/803204749768691&colorscheme=light&show_faces=true&connections=9&stream=false&header=false&height=270"></iframe></div>
<embed src="http://www.youtube.com/v/3U1O1oythXY&autoplay=1" type="application/x-shockwave-flash" wmode="transparent" wi
...[1274 bytes skipped]...


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: manualidadesnavidenas.net

Result:
HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: close
Date: Sun, 20 Dec 2015 02:47:36 GMT
Pragma: no-cache
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 PHP/5.3.25
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.3.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: manualidadesnavidenas.net
Referer: http://www.google.com/search?q=manualidadesnavidenas.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=manualidadesnavidenas.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://manualidadesnavidenas.net/

Result: manualidadesnavidenas.net is not infected or malware details are not published yet.