New scan:

Malware Scanner report for ferrum-n.ru

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "ferrum-n.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ferrum-n.ru

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://ferrum-n.ru/
200 OK
Content-Length: 28540
Content-Type: text/html
clean
http://ferrum-n.ru/highslide/highslide-with-html.js
200 OK
Content-Length: 62744
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)



var hs = {

graphicsDir : 'highslide/graphics/',
restoreCursor : 'zoomout.cur', expandSteps : 10, expandDuration : 250, restoreSteps : 10,
restoreDuration : 250,
marginLeft : 15,
marginRight : 15,
marginTop : 15,
marginBottom : 15,
zIndexCounter : 1001,
restoreTitle : 'Click to close image, click and drag to move. Use arrow keys for next and previous.',
loadingText : 'Loading...',
loadingTitle : 'Click to cancel',
load
... 3610 bytes are skipped ...
ody>.*?$', 'i'), '$1');
}
}
hs.getElementByClass(this.content, 'DIV', 'highslide-body').innerHTML = s;
this.onLoad();
for (var x in this) this[x] = null;
}
};
var HsExpander = hs.Expander;

hs.addEventListener(document, 'mousedown', hs.mouseClickHandler);
hs.addEventListener(document, 'mouseup', hs.mouseClickHandler);
hs.addEventListener(window, 'load', hs.preloadImages);
hs.addEventListener(window, 'load', hs.preloadAjax);

Antivirus reports:

Emsisoft
Android.Adware.Mobclick.A (B)

http://ferrum-n.ru/js/functions.js?3
200 OK
Content-Length: 5040
Content-Type: application/javascript
clean
http://ferrum-n.ru/js/jquery.js?1
200 OK
Content-Length: 72174
Content-Type: application/javascript
clean
http://ferrum-n.ru/js/jquery.form.js?1
200 OK
Content-Length: 22463
Content-Type: application/javascript
clean
http://ferrum-n.ru/js/jquery.jcarousel.js?1
200 OK
Content-Length: 15128
Content-Type: application/javascript
clean
http://ferrum-n.ru/js/AC_OETags.js
200 OK
Content-Length: 7826
Content-Type: application/javascript
clean
http://ferrum-n.ru//mc.yandex.ru/metrika/watch.js/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 27 Jul 2014 16:19:42 GMT
Location: http://ferrum-n.ru/
Server: nginx
Content-Length: 313
Content-Type: text/html; charset=iso-8859-1
X-MJ-Serve-Req-Time: D=15721 usec
X-MJ-Upstream-Addr: 10.10.0.33:81
clean
http://ferrum-n.ru/test404page.js
404 Not Found
Content-Length: 13412
Content-Type: text/html
clean
http://ferrum-n.ru/map
200 OK
Content-Length: 16564
Content-Type: text/html
clean
http://ferrum-n.ru/about
200 OK
Content-Length: 17959
Content-Type: text/html
clean
http://ferrum-n.ru/produkt
200 OK
Content-Length: 14980
Content-Type: text/html
clean
http://ferrum-n.ru/filial
200 OK
Content-Length: 15363
Content-Type: text/html
clean
http://ferrum-n.ru/sotrudn
200 OK
Content-Length: 16960
Content-Type: text/html
clean
http://ferrum-n.ru/lib/JsHttpRequest/JsHttpRequest.js
200 OK
Content-Length: 14684
Content-Type: application/javascript
clean
http://ferrum-n.ru/js/func.js
200 OK
Content-Length: 3286
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ferrum-n.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Sun, 27 Jul 2014 16:19:39 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=windows-1251
X-MJ-Serve-Req-Time: D=48636 usec
X-MJ-Upstream-Addr: 10.10.0.33:81
X-Powered-By: PHP/5.3.20
Second query (visit from search engine):
GET / HTTP/1.1
Host: ferrum-n.ru
Referer: http://www.google.com/search?q=ferrum-n.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.