New scan:

Malware Scanner report for mettem-m.ru

Malicious/Suspicious/Total urls checked
1/0/16
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://mettem-m.ru/
200 OK
Content-Length: 17708
Content-Type: text/html
clean
http://mettem-m.ru//www.mettem-m.ru.js.1c-bitrix-cdn.ru/bitrix/cache/js/s1/Mettem/kernel_main/kernel_main.js?1396856190277542/
404 Not Found
Content-Length: 5995
Content-Type: text/html
clean
http://mettem-m.ru//www.mettem-m.ru.js.1c-bitrix-cdn.ru/bitrix/cache/js/s1/Mettem/template_4e8be8e8303f30f6af3ca14a3f4643e2/template_4e8be8e8303f30f6af3ca14a3f4643e2_e6fb9afbc8d3770bccc977efae9834ff.js?1396853753670/
404 Not Found
Content-Length: 5995
Content-Type: text/html
clean
http://mettem-m.ru/about-the-company.php
200 OK
Content-Length: 73918
Content-Type: text/html
clean
http://mettem-m.ru//www.mettem-m.ru.js.1c-bitrix-cdn.ru/bitrix/cache/js/s1/Mettem/template_de8b65b1cd296932ac1851b5996a5b08/template_de8b65b1cd296932ac1851b5996a5b08_151294dc004844f9e6b2138439c4bfd0.js?139685375313501/
404 Not Found
Content-Length: 5995
Content-Type: text/html
clean
http://mettem-m.ru/our-representatives.php
200 OK
Content-Length: 43557
Content-Type: text/html
clean
http://www.forexpf.ru/_informer_/eurusd_.php
200 OK
Content-Length: 2732
Content-Type: text/html
clean
http://www.forexpf.ru/test404page.js
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 17:35:48 GMT
Pragma: no-cache
Location: /
Server: Microsoft-IIS/6.0
Content-Length: 0
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=tr76e7fahnsock2miftfdcrdh6; path=/
X-Conf: www-to-forum
X-Powered-By: PHP/5.2.17
clean
http://www.forexpf.ru/
200 OK
Content-Length: 69703
Content-Type: text/html
clean
http://www.forexpf.ru/forex.js
200 OK
Content-Length: 361
Content-Type: application/javascript
clean
http://yandex.st/share/share.js
200 OK
Content-Length: 56315
Content-Type: application/x-javascript
clean
http://mc.yandex.ru/metrika/watch.js
200 OK
Content-Length: 58232
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function(f,d,la){function L(a,b){return function(){try{return a.apply(this,arguments)}catch(c){-1<c.message.indexOf("NPObject")&&ta(c,b)}}}function ta(a,b){if(0.01>Math.random()){var c=["cp: "+b,a.name+": "+a.message,"debug: "+ua,"code: "+Ja,"stack: "+a.stack];(new Image).src="//an.yandex.ru/jserr/101500?"+fa({"cnt-class":100,errmsg:c.join("; ").replace(/\r?\n/g,"\\n")})}}function va(a){0.01>Math.random()&&(a=["ErrorLog: "+a,"code: "+Ja],(new Image).src="//an.yandex.ru/
... 35111 bytes are skipped ...
"+c.join("|")+")$","i").test(a)}function M(a){a=a.target||a.srcElement;if(!a)return!1;3==a.nodeType&&(a=a.parentNode);for(var b=a.nodeName.toString().toLowerCase();a.parentNode&&a.parentNode.nodeName&&("a"!=b&&"area"!=b||!a.href);)a=a.parentNode,b=a.nodeName.toString().toLowerCase();return a.href?a:!1}function N(a,b){return(a?a.replace(/^www\./,""):"")==(b?b.replace(/^www\./,""):"")?!0:!1}
function T(a,b){function c(a){a=a.split(":");a=a[1]||"";a=a.replace(/^\

Antivirus reports:

Bkav
W32.HfsIframe.Fe8e

http://counter.rambler.ru/top100.jcn?360665
200 OK
Content-Length: 6852
Content-Type: application/x-javascript
clean
http://www.forexpf.ru/q2_new/adx.js
200 OK
Content-Length: 70
Content-Type: application/javascript
clean
http://www.forexpf.ru/q2_new/adv.gif
200 OK
Content-Length: 0
Content-Type: image/gif
clean
http://www.forexpf.ru/js/profinance.js
200 OK
Content-Length: 1226
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mettem-m.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 16 Apr 2014 17:35:46 GMT
Pragma: no-cache
Server: nginx/1.4.1
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=0e7c6484d80b0c11287232e2babc57bf; path=/; HttpOnly
X-Powered-By: PHP/5.3.18
X-Powered-CMS: Bitrix Site Manager (b3fd1c669bed5076bf8ae6280ec606d5)
Second query (visit from search engine):
GET / HTTP/1.1
Host: mettem-m.ru
Referer: http://www.google.com/search?q=mettem-m.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mettem-m.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mettem-m.ru/

Result: mettem-m.ru is not infected or malware details are not published yet.