New scan:

Malware Scanner report for ufrpe.br

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://ufrpe.br/
200 OK
Content-Length: 16269
Content-Type: text/html
clean
http://ufrpe.br/js/AC_RunActiveContent.js
200 OK
Content-Length: 8321
Content-Type: application/javascript
clean
http://ufrpe.br/js/funcoes.js
200 OK
Content-Length: 15607
Content-Type: application/javascript
clean
http://ufrpe.br/js/valida.js
200 OK
Content-Length: 5035
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function validaCadastrarEmail()
{
var objForm = document.frmCadastrarEmail;
bolValida = validarEmail(objForm.txtNewsEmail, "Por favor informe o e-mail corretamente\nEx. usuario@site.com.br");
if (!bolValida)
return;

document.frmCadastrarEmail.submit();
}


function validaBusca(objForm)
{
var bolValida = true;

bolValida = validarTxtMin(objForm.txtBuscaTexto, 1, "Por favor informe a palavra a ser buscada\nMĂ­nimo
... 3656 bytes are skipped ...
n mudaLink(intId)
{
location.replace('links.php?cmbTipo='+intId);
}

function mudaPesquisa(intId)
{
location.replace('pesquisa_ufrpe.php?cmbTipo='+intId);
}

function mostraArea(intId)
{

if(document.getElementById("divTelefone"+intId).style.display != 'none')
document.getElementById("divTelefone"+intId).style.display = 'none';
else
document.getElementById("divTelefone"+intId).style.display = 'block';
}

Antivirus reports:

Emsisoft
Win32.Ramnit.N (B)

http://ufrpe.br/includes/lightbox/lightbox.js
200 OK
Content-Length: 12670
Content-Type: application/javascript
clean
http://www.statcounter.com/counter/counter.js
200 OK
Content-Length: 15530
Content-Type: application/x-javascript
clean
http://ufrpe.br/translate.php?lang=pt-BR&idioma=
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://ufrpe.br/test404page.js
404 Not Found
Content-Length: 286
Content-Type: text/html
clean
http://ufrpe.br/translate.php?lang=en&idioma=e
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://ufrpe.br/index.php
200 OK
Content-Length: 16269
Content-Type: text/html
clean
http://ufrpe.br/pagina.php?idConteudo=66
200 OK
Content-Length: 17707
Content-Type: text/html
clean
http://ufrpe.br/pesquisa_ufrpe.php
200 OK
Content-Length: 17485
Content-Type: text/html
clean
http://ufrpe.br/em_foco.php
200 OK
Content-Length: 14904
Content-Type: text/html
clean
http://ufrpe.br/edital_concurso.php
200 OK
Content-Length: 19212
Content-Type: text/html
clean
http://ufrpe.br/pagina.php?idConteudo=68
200 OK
Content-Length: 14324
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ufrpe.br

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 03 Oct 2014 12:21:15 GMT
Pragma: no-cache
Server: Apache/2.2.16 (Debian)
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=a292fb9696988f6aa76dc05353e9e6d7; path=/
X-Powered-By: PHP/5.3.3-7+squeeze14
Second query (visit from search engine):
GET / HTTP/1.1
Host: ufrpe.br
Referer: http://www.google.com/search?q=ufrpe.br

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ufrpe.br

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ufrpe.br/

Result: ufrpe.br is not infected or malware details are not published yet.