New scan:

Malware Scanner report for rumonline.co.za

Malicious/Suspicious/Total urls checked
1/0/18
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://rumonline.co.za/
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=60
Connection: close
Date: Sun, 11 May 2014 00:03:25 GMT
Location: http://www.rumonline.co.za/
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 11 May 2014 00:04:25 GMT
Set-Cookie: wfvt_405789162=536ebe4dbe1cf; expires=Sun, 11-May-2014 00:33:25 GMT; path=/
X-Pingback: http://www.rumonline.co.za/xmlrpc.php
X-Powered-By: PHP/5.3.28
clean
http://www.rumonline.co.za/
200 OK
Content-Length: 61698
Content-Type: text/html
clean
http://www.rumonline.co.za/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 93658
Content-Type: application/javascript
clean
http://static.addynamo.net/ad/js/deliverAds.js
200 OK
Content-Length: 3571
Content-Type: application/x-javascript
clean
http://www.flickr.com/badge_code_v2.gne?count=8&display=random&size=s&layout=x&source=user&user=78397527@N04
200 OK
Content-Length: 2701
Content-Type: application/x-javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/jquery.fitvids.js?ver=2.2
200 OK
Content-Length: 3010
Content-Type: application/javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/jquery.flexslider.js?ver=2.2
200 OK
Content-Length: 41110
Content-Type: application/javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/ddsmoothmenu.js?ver=2.2
200 OK
Content-Length: 11643
Content-Type: application/javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/jquery.carouFredSel-6.2.0-packed.js?ver=6.0.2
200 OK
Content-Length: 36065
Content-Type: application/javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/jquery.imagesloaded.min.js?ver=6.0.2
200 OK
Content-Length: 1047
Content-Type: application/javascript
clean
http://www.rumonline.co.za/wp-content/themes/www2/assets/js/custom.js?ver=2.2
200 OK
Content-Length: 10901
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery.noConflict();
jQuery(document).ready(function(){
jQuery('.video-thumb').each(function(){
var obj = jQuery(this);
var v = obj.attr('video');
var vi = obj.attr('video-id');
if(typeof(v)!='undefined' && v !=''&& typeof(vi)!='undefined' && vi !=''){
if(v=='youtube'){
obj.html('<img src="http://img.youtube.com/vi/'+vi+'/3.jpg" alt="" />');
}else{
... 9712 bytes are skipped ...
});
}
});


jQuery(window).scroll(function() {
if(jQuery(this).scrollTop() != 0) {
jQuery('#sttotop').fadeIn();
} else {
jQuery('#sttotop').fadeOut();
}
});

jQuery('#sttotop').click(function() {
jQuery('body,html').animate({scrollTop:0},800);
});




});

Antivirus reports:

Emsisoft
Dropped:Adware.DomaIQ.Z (B)

http://rumonline.co.za/test404page.js
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Sun, 11 May 2014 00:03:33 GMT
Pragma: no-cache
Location: http://www.rumonline.co.za/test404page.js
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Set-Cookie: wfvt_405789162=536ebe5535606; expires=Sun, 11-May-2014 00:33:33 GMT; path=/
X-Pingback: http://www.rumonline.co.za/xmlrpc.php
X-Powered-By: PHP/5.3.28
clean
http://www.rumonline.co.za/test404page.js
404 Not Found
Content-Length: 45920
Content-Type: text/html
clean
http://www.rumonline.co.za/home/
200 OK
Content-Length: 45830
Content-Type: text/html
clean
http://www.rumonline.co.za/wp-includes/js/comment-reply.min.js?ver=3.5.2
200 OK
Content-Length: 786
Content-Type: application/javascript
clean
http://www.rumonline.co.za/contact-us/
200 OK
Content-Length: 45942
Content-Type: text/html
clean
http://www.rumonline.co.za/contact/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Sun, 11 May 2014 00:03:37 GMT
Pragma: no-cache
Location: http://www.rumonline.co.za/contact-us/
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Set-Cookie: wfvt_405789162=536ebe59d5263; expires=Sun, 11-May-2014 00:33:37 GMT; path=/
X-Pingback: http://www.rumonline.co.za/xmlrpc.php
X-Powered-By: PHP/5.3.28
clean
http://www.rumonline.co.za/category/fashion/
200 OK
Content-Length: 45424
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rumonline.co.za

Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=60
Connection: close
Date: Sun, 11 May 2014 00:03:25 GMT
Location: http://www.rumonline.co.za/
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Sun, 11 May 2014 00:04:25 GMT
Set-Cookie: wfvt_405789162=536ebe4dbe1cf; expires=Sun, 11-May-2014 00:33:25 GMT; path=/
X-Pingback: http://www.rumonline.co.za/xmlrpc.php
X-Powered-By: PHP/5.3.28

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: rumonline.co.za
Referer: http://www.google.com/search?q=rumonline.co.za

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rumonline.co.za

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://rumonline.co.za/

Result: rumonline.co.za is not infected or malware details are not published yet.