New scan:

Malware Scanner report for salmoncarvings.com

Malicious/Suspicious/Total urls checked
0/0/10
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/4/4
4 suspicious iframes found. See details below
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

! Hacked by Peyman Siyahi !  (9 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://salmoncarvings.com/
200 OK
Content-Length: 1281
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://go.ad2up.com/afu.php?id=299977

<iframe src="http://go.ad2up.com/afu.php?id=299977" height="2" width="2">

Hidden iFrame found.
size: 2x2     
src: http://onclickads.net/afu.php?zoneid=299976&var=299976

<iframe src="http://onclickads.net/afu.php?zoneid=299976&var=299976" height="2" width="2">

Deface/Content modification. The following signature was found: ! Hacked by Peyman Siyahi !


<title>! Hacked by Peyman Siyahi !</title>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<iframe src="http://go.ad2up.com/afu.php?id=299977" height="2" width="2"></iframe>
<iframe src="http://onclickads.net/afu.php?zoneid=299976&var=299976" height="2" width="2"><
...[1194 bytes skipped]...


http://salmoncarvings.com//go.mobisla.com/notice.php?p=299981&interactive=1&pushup=1/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 01 Sep 2015 04:34:20 GMT
Pragma: no-cache
Location: http://www.salmoncarvings.com/go.mobisla.com/notice.php?p=299981&interactive=1&pushup=1/
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.salmoncarvings.com/xmlrpc.php
X-Powered-By: PHP/5.4.44
clean
http://www.salmoncarvings.com/go.mobisla.com/notice.php?p=299981&interactive=1&pushup=1/
404 Not Found
Content-Length: 9311
Content-Type: text/html
clean
http://www.salmoncarvings.com/wp-includes/js/jquery/jquery.js?ver=1.11.2
200 OK
Content-Length: 95952
Content-Type: application/javascript
clean
http://www.salmoncarvings.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://www.salmoncarvings.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.4.9
200 OK
Content-Length: 1190
Content-Type: application/javascript
clean
http://salmoncarvings.com/test404page.js
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 01 Sep 2015 04:34:24 GMT
Pragma: no-cache
Location: http://www.salmoncarvings.com/test404page.js
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.salmoncarvings.com/xmlrpc.php
X-Powered-By: PHP/5.4.44
clean
http://www.salmoncarvings.com/test404page.js
404 Not Found
Content-Length: 9311
Content-Type: text/html
clean
http://www.salmoncarvings.com/
200 OK
Content-Length: 1281
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://onclickads.net/afu.php?zoneid=299976&var=299976

<iframe src="http://onclickads.net/afu.php?zoneid=299976&var=299976" height="2" width="2">

Hidden iFrame found.
size: 2x2     
src: http://go.ad2up.com/afu.php?id=299977

<iframe src="http://go.ad2up.com/afu.php?id=299977" height="2" width="2">

http://www.salmoncarvings.com//go.mobisla.com/notice.php?p=299981&interactive=1&pushup=1/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Date: Tue, 01 Sep 2015 04:34:27 GMT
Pragma: no-cache
Location: http://www.salmoncarvings.com/go.mobisla.com/notice.php?p=299981&interactive=1&pushup=1/
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
X-Pingback: http://www.salmoncarvings.com/xmlrpc.php
X-Powered-By: PHP/5.4.44
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: salmoncarvings.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 01 Sep 2015 04:34:19 GMT
Accept-Ranges: bytes
ETag: "501-51dc34a97fb7a"
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Content-Length: 1281
Content-Type: text/html
Last-Modified: Thu, 20 Aug 2015 19:38:10 GMT

...1281 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: salmoncarvings.com
Referer: http://www.google.com/search?q=salmoncarvings.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=salmoncarvings.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://salmoncarvings.com/

Result: salmoncarvings.com is not infected or malware details are not published yet.