Malware Scanner report for stalk-zone.ucoz.ru

Malicious/Suspicious/Total urls checked: 7/0/18

7 pages have malicious code. See details below

Blacklists: OK

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Scanned pages/files

Request	Server response	Status
http://stalk-zone.ucoz.ru/photo/fotografija_1/1-0-7	200 OK Content-Length: 62120 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://s20.ucoz.net/src/jquery-1.7.2.js	200 OK Content-Length: 94840 Content-Type: text/javascript	clean
http://s20.ucoz.net/src/ulightbox/ulightbox.js	200 OK Content-Length: 22097 Content-Type: text/javascript	clean
http://s20.ucoz.net/src/uwnd.js?2	200 OK Content-Length: 228554 Content-Type: text/javascript	clean
http://s20.ucoz.net/src/photopage.js	200 OK Content-Length: 18520 Content-Type: text/javascript	clean
http://s20.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=0stalk-zone	200 OK Content-Length: 527 Content-Type: application/javascript	clean
http://s20.ucoz.net/src/socCom.js	200 OK Content-Length: 6344 Content-Type: text/javascript	clean
http://counter.rambler.ru/top100.jcn?1915332	200 OK Content-Length: 6853 Content-Type: application/x-javascript	clean
http://stalk-zone.ucoz.ru/index	HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sun, 26 Jul 2015 05:48:49 GMT Location: http://stalk-zone.ucoz.ru/ Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 0stalk-zoneuCoz=; path=/; expires=Fri, 26-Jul-2013 05:48:49 GMT; domain=.stalk-zone.ucoz.ru;	clean
http://stalk-zone.ucoz.ru/	200 OK Content-Length: 64966 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://stalk-zone.ucoz.ru/forum	200 OK Content-Length: 47711 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://stalk-zone.ucoz.ru/photo	HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sun, 26 Jul 2015 05:48:50 GMT Location: http://stalk-zone.ucoz.ru/photo/ Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 0stalk-zoneuCoz=; path=/; expires=Fri, 26-Jul-2013 05:48:50 GMT; domain=.stalk-zone.ucoz.ru;	clean
http://stalk-zone.ucoz.ru/photo/	200 OK Content-Length: 70375 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://s20.ucoz.net/src/entriesList.js	200 OK Content-Length: 639 Content-Type: text/javascript	clean
http://stalk-zone.ucoz.ru/load	HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Sun, 26 Jul 2015 05:48:50 GMT Location: http://stalk-zone.ucoz.ru/load/ Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 0stalk-zoneuCoz=; path=/; expires=Fri, 26-Jul-2013 05:48:51 GMT; domain=.stalk-zone.ucoz.ru;	clean
http://stalk-zone.ucoz.ru/load/	200 OK Content-Length: 69258 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://stalk-zone.ucoz.ru/index/0-3	200 OK Content-Length: 52754 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT
http://stalk-zone.ucoz.ru/register	200 OK Content-Length: 48002 Content-Type: text/html	malicious
Malicious code - confirmed by antiviruses (see below) var temp="",i,c=0,out=""; var str="60!100!105!118!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!62!10!60!116!97!98!108!101!32!119!105!100!116!104!61!34!49!48!48!48!34!32!97!108!105!103!110!61!34!99!101!110!116!101!114!34!32!99!101!108!108!112!97!100!100!105!110!103!61!34!48!34!32!99!101!108!108!115!112!97!99!105!110!103!61!34!48!34!32!98!111!114!100!101!114!61!34!48!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!45!116!111!112!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!5 ... 51 bytes are skipped ...!111!109!58!49!112!120!32!115!111!108!105!100!32!35!52!57!52!57!52!57!59!34!62!10!60!116!114!62!60!116!100!32!118!97!108!105!103!110!61!34!116!111!112!34!32!115!116!121!108!101!61!34!98!111!114!100!101!114!58!48!112!120!32!115!111!108!105!100!32!35!49!65!49!65!49!65!59!98!97!99!107!103!114!111!117!110!100!58!35!48!48!48!48!48!48!59!34!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++; out=out+String.fromCharCode(temp);temp="";}document.write(out); Antivirus reports: AntiVir JS/Decdec.psc Avast JS:Redirector-KP [Trj] Ikarus Exploit.HTML.IframeRef nProtect Trojan.JS.QLT K7AntiVirus Riskware TrendMicro-HouseCall TROJ_GEN.F47V0122 Emsisoft Trojan.JS.QLT (B) Comodo TrojWare.JS.Redirect.crk McAfee-GW-Edition JS/Exploit-Blacole.hv DrWeb JS.IFrame.180 Kaspersky HEUR:Trojan.Script.Iframer Microsoft VirTool:JS/Obfuscator.CC MicroWorld-eScan Trojan.JS.QLT Fortinet JS/Kryptik.BP!tr PCTools Trojan.Malscript Jiangmin Trojan/Script.Gen McAfee JS/Exploit-Blacole.hv NANO-Antivirus Trojan.Script.Packed.iagb F-Secure Trojan.JS.QLT VIPRE Malware.JS.Generic (JS) F-Prot JS/Crypted.AT.gen eSafe JS.Agent.ia AVG JS/Redir Norman Redir.GS Sophos Mal/Iframe-F GData Trojan.JS.QLT Symantec Trojan.Malscript!JS Commtouch JS/Crypted.AT.gen Agnitum JS.Cored.A ESET-NOD32 JS/Kryptik.BP BitDefender Trojan.JS.QLT

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: stalk-zone.ucoz.ru

Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 26 Jul 2015 05:48:49 GMT
Server: uServ/3.2.2
Content-Length: 64966
Content-Type: text/html; charset=UTF-8

...64966 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: stalk-zone.ucoz.ru
Referer: http://www.google.com/search?q=stalk-zone.ucoz.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=stalk-zone.ucoz.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://stalk-zone.ucoz.ru/

Result: stalk-zone.ucoz.ru is not infected or malware details are not published yet.

Recently found suspicious websites

Malware Scanner report for stalk-zone.ucoz.ru

Malware & Hack Repair

Website Hack Insurance

Scanned pages/files

Malicious Redirects

Safe Browsing / Blacklists

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools