New scan:

Malware Scanner report for hoodi.ru

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://web-redirect.ru/?web
530 websites infected. web-redirect.ru is marked by Yandex as suspicious.
->http://cmsjoom.ru/components/com_weblinks/2/separator.php


The website "hoodi.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://hoodi.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: hoodi.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Sat, 07 Mar 2015 12:06:11 GMT
Location: http://web-redirect.ru/?web
Server: nginx/1.6.2
Content-Type: text/html; charset=windows-1251
Set-Cookie: _cutt_caches_images=1425729971; expires=Sun, 08-Mar-2015 12:06:11 GMT; path=/
X-Powered-By: PHP/5.2.10
malicious
URL: http://web-redirect.ru/?web
(imitation of visitor from search engine)

GET /?web HTTP/1.1
Host: web-redirect.ru
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 302 Found
Cache-Control: max-age=0
Connection: close
Date: Sat, 07 Mar 2015 12:06:11 GMT
Pragma: no-cache
Location: http://cmsjoom.ru/components/com_weblinks/2/separator.php
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Sat, 07 Mar 2015 12:06:11 GMT
X-Powered-By: PHP/5.3.3
suspicious

Scanned pages/files

RequestServer responseStatus
http://hoodi.ru/
200 OK
Content-Length: 97126
Content-Type: text/html
clean
http://hoodi.ru/components/com_jcomments/js/jcomments-v2.1.js?v=2
200 OK
Content-Length: 27179
Content-Type: application/x-javascript
clean
http://hoodi.ru/components/com_jcomments/libraries/joomlatune/ajax.js
200 OK
Content-Length: 3978
Content-Type: application/x-javascript
clean
http://hoodi.ru/media/system/js/caption.js
200 OK
Content-Length: 1963
Content-Type: application/x-javascript
clean
http://hoodi.ru/modules/mod_swmenufree/jquery-1.2.6.pack.js
200 OK
Content-Length: 72173
Content-Type: application/x-javascript
clean
http://hoodi.ru/modules/mod_swmenufree/hoverIntent.js
200 OK
Content-Length: 3174
Content-Type: application/x-javascript
clean
http://hoodi.ru/modules/mod_swmenufree/superfish.js
200 OK
Content-Length: 3714
Content-Type: application/x-javascript
clean
http://hoodi.ru/modules/mod_swmenufree/supersubs.js
200 OK
Content-Length: 3298
Content-Type: application/x-javascript
clean
http://hoodi.ru/templates/shopper_frenzy/js/s5_suckerfish.js
200 OK
Content-Length: 383
Content-Type: application/x-javascript
clean
http://hoodi.ru/modules/mod_s5_vm_accordion/s5_vm_accordion/s5_vm_accordion.js
200 OK
Content-Length: 9681
Content-Type: application/x-javascript
clean
http://hoodi.ru//mc.yandex.ru/metrika/watch.js/
404 NOT FOUND
Content-Length: 234850
Content-Type: text/html
clean
http://hoodi.ru/index.php/Интернет-магазин.html
200 OK
Content-Length: 100531
Content-Type: text/html
clean
http://www.hoodi.ru/components/com_virtuemart/fetchscript.php?gzip=1&subdir[0]=/themes/s5_shopper_frenzy&file[0]=theme.js&subdir[1]=/js&file[1]=sleight.js&subdir[2]=/js/mootools&file[2]=mootools-release-1.11.js&subdir[3]=/js/mootools&file[3]=mooPrompt.js
200 OK
Content-Length: 56684
Content-Type: text/javascript
clean
http://odnaknopka.ru/ok3.js
200 OK
Content-Length: 2852
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function NewOdnaknopka3() {
this.domain=location.href+'/';
this.domain=this.domain.substr(this.domain.indexOf('://')+3);
this.domain=this.domain.substr(0,this.domain.indexOf('/'));
this.location=false;
this.url=function(system) {
var title=encodeURIComponent(document.title);
var url=encodeURIComponent(location.href);
switch (system) {
case 1: return 'http://vkontakte.ru/share.php?url='+url;
case 2: return 'http://www.facebook.com/sharer.php?u='+u
... 2382 bytes are skipped ...
ka.ru/images/blank.gif" width="16" height="16" alt=" #" title="'+titles[i]+'" style="border:0;padding:0;margin:0 4px 0 0;background:url(http://odnaknopka.ru/images/panel.png) no-repeat -270px -'+(i*16)+'px"/></a>';
}
document.write(html);
}
}
odnaknopka3=new NewOdnaknopka3();
odnaknopka3.init();
var js = document.createElement("script");
js.type = "text/javascript";
js.src = "http://odnaknopka.ru/stat.js";
document.body.appendChild(js);

Antivirus reports:

VIPRE
Malware.JS.Generic (JS)

http://www.hoodi.ru/components/com_virtuemart/fetchscript.php?gzip=1&subdir[0]=/js&file[0]=wz_tooltip.js
200 OK
Content-Length: 38065
Content-Type: text/javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=hoodi.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hoodi.ru/

Result: hoodi.ru is not infected or malware details are not published yet.