New scan:

Malware Scanner report for roter.3dn.ru

Malicious/Suspicious/Total urls checked
2/0/16
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://roter.3dn.ru/
200 OK
Content-Length: 117969
Content-Type: text/html
clean
http://s108.ucoz.net/src/jquery-1.7.2.js
200 OK
Content-Length: 94840
Content-Type: text/javascript
clean
http://s108.ucoz.net/src/ulightbox/ulightbox.js
200 OK
Content-Length: 22097
Content-Type: text/javascript
clean
http://s108.ucoz.net/src/uwnd.js?2
200 OK
Content-Length: 228554
Content-Type: text/javascript
clean
http://jb.revolvermaps.com/t.js
200 OK
Content-Length: 1494
Content-Type: application/javascript
clean
http://roter.3dn.ru/tegi/swfobject.js
200 OK
Content-Length: 9759
Content-Type: text/javascript
clean
http://roter.3dn.ru/widget/?44;187|200|0
200 OK
Content-Length: 812
Content-Type: text/javascript
clean
http://roter.3dn.ru/rssi/2
200 OK
Content-Length: 4018
Content-Type: text/javascript
clean
http://roter.3dn.ru/load/mixmeister_fusion_7_4_4_rus/1-1-0-159
200 OK
Content-Length: 84388
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function addcom(f){if (document.getElementById('addcBut')){document.getElementById('addcBut').disabled=true;}else {try{document.addform.submit.disabled=true;}catch(e){}}if (document.getElementById('eMessage')){document.getElementById('eMessage').innerHTML='<span style="color:#8B8B8B"><img src="http://s108.ucoz.net/img/ma/m/i2.gif" border="0" align="absmiddle" width="13" height="13"> Идет передача данных...</span>';}_uPostForm('acform',{type:'POST',url:'http://roter.3dn.ru/index/'});}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('Erwy~})}#ynF+qrmmnw+)wjvnF+|x|+) ju~nF+;9;9:@A<:?+)8G9');

Antivirus reports:

McAfee-GW-Edition
Heuristic.BehavesLike.JS.Suspicious.A

http://s108.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=4roter
200 OK
Content-Length: 522
Content-Type: application/javascript
clean
http://s108.ucoz.net/src/socCom.js
200 OK
Content-Length: 6344
Content-Type: text/javascript
clean
http://wm.letitbit.net/tools/letitbit.js
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Tue, 16 Dec 2014 14:48:54 GMT
Location: http://lib.wm-panel.com/tools/letitbit.js
Server: nginx
Content-Length: 185
Content-Type: text/html
Set-Cookie: lrpth=dffXOqwDMmZAAcbqmcEZFnfrKnA%3d_1564222916; path=/; expires=Wed, 17-Dec-14 14:48:54 GMT
X-My-Name: s6
clean
http://lib.wm-panel.com/tools/letitbit.js
200 OK
Content-Length: 1467
Content-Type: application/x-javascript
clean
http://cdn.connect.mail.ru/js/loader.js
200 OK
Content-Length: 4120
Content-Type: application/x-javascript
clean
http://roter.3dn.ru/otherlink/otherlink.js
200 OK
Content-Length: 8699
Content-Type: text/javascript
clean
http://roter.3dn.ru/load/windows_7_maksimalnaja_sp1kh86_by_totl/1-1-0-1886
200 OK
Content-Length: 87957
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

function addcom(f){if (document.getElementById('addcBut')){document.getElementById('addcBut').disabled=true;}else {try{document.addform.submit.disabled=true;}catch(e){}}if (document.getElementById('eMessage')){document.getElementById('eMessage').innerHTML='<span style="color:#8B8B8B"><img src="http://s108.ucoz.net/img/ma/m/i2.gif" border="0" align="absmiddle" width="13" height="13"> Идет передача данных...</span>';}_uPostForm('acform',{type:'POST',url:'http://roter.3dn.ru/index/'});}var _y8M=''; function _dS(s){ var i;var r=""; var l=s.length-1; var k=s.substr(l,1); for (i=0;i<l;i++){ c=s.charCodeAt(i)-k; if(c<32){ c=127-(32-c);} r+=String.fromCharCode(c); } return r;} _y8M=_dS('>kprwv"v{rg?$jkffgp$"pcog?$uqu$"xcnwg?$424239:538$"1@2');

Antivirus reports:

McAfee-GW-Edition
Heuristic.BehavesLike.JS.Suspicious.A


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: roter.3dn.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Tue, 16 Dec 2014 14:48:46 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 4roteruCoz=; path=/; expires=Sun, 16-Dec-2012 14:48:46 GMT; domain=.roter.3dn.ru;
Set-Cookie: 4roteruCoz=; path=/; expires=Sun, 16-Dec-2012 14:48:46 GMT; domain=.roter.3dn.ru;
Set-Cookie: 4roteruCoz=; path=/; expires=Sun, 16-Dec-2012 14:48:46 GMT; domain=.roter.3dn.ru;
Set-Cookie: 4roteruCoz=; path=/; expires=Sun, 16-Dec-2012 14:48:46 GMT; domain=.roter.3dn.ru;
Set-Cookie: 4roteruzll=1418741326; path=/; expires=Wed, 16-Dec-2015 14:48:46 GMT; domain=.roter.3dn.ru;
Set-Cookie: ucvid=mHYHE4NYE1; domain=3dn.ru; path=/; expires=Wed, 16-Dec-2015 14:48:46 GMT
Second query (visit from search engine):
GET / HTTP/1.1
Host: roter.3dn.ru
Referer: http://www.google.com/search?q=roter.3dn.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=roter.3dn.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://roter.3dn.ru/

Result: roter.3dn.ru is not infected or malware details are not published yet.