New scan:

Malware Scanner report for 78site.ru

Malicious/Suspicious/Total urls checked
0/0/17
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://bitly.com/sttmln
303 websites infected.
->http://goo.gl/0rxysb
3265 websites infected.
->http://sh.oowoo.ru/redsh.php
78 websites infected.
->http://hotzone2nn.com/sexgospital/?sid=269188418

->http://hotzonepqnn.info/sexgospital?sid=269188418


The website "78site.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://www.78site.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: www.78site.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Sun, 31 Aug 2014 00:38:17 GMT
Location: http://bitly.com/STTMlN
Server: Apache
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1
malicious
URL: http://bitly.com/STTMlN
(imitation of visitor from search engine)

GET /STTMlN HTTP/1.1
Host: bitly.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 301 Moved Permanently
Cache-Control: private; max-age=90
Connection: close
Date: Sun, 31 Aug 2014 00:38:20 GMT
Location: http://goo.gl/0rXySb
Server: nginx
Content-Length: 112
Content-Type: text/html; charset=utf-8
Mime-Version: 1.0
Set-Cookie: _bit=54026e7c-00292-0097b-3b1cf10a;domain=.bitly.com;expires=Fri Feb 27 00:38:20 2015;path=/; HttpOnly
malicious
URL: http://goo.gl/0rXySb
(imitation of visitor from search engine)

GET /0rXySb HTTP/1.1
Host: goo.gl
Referer: http://www.google.com/search?q=redirect+check3
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Sun, 31 Aug 2014 00:38:20 GMT
Pragma: no-cache
Location: http://sh.oowoo.ru/redsh.php
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Alternate-Protocol: 80:quic
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
malicious
URL: http://sh.oowoo.ru/redsh.php
(imitation of visitor from search engine)

GET /redsh.php HTTP/1.1
Host: sh.oowoo.ru
Referer: http://www.google.com/search?q=redirect+check4
HTTP/1.1 302 Found
Connection: close
Date: Sun, 31 Aug 2014 00:37:12 GMT
Location: http://hotzone2nn.com/sexgospital/?sid=269188418
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=CP1251
X-Powered-By: PHP/5.2.17
suspicious
URL: http://hotzone2nn.com/sexgospital/?sid=269188418
(imitation of visitor from search engine)

GET /sexgospital/?sid=269188418 HTTP/1.1
Host: hotzone2nn.com
Referer: http://www.google.com/search?q=redirect+check5
HTTP/1.1 302 Found
Cache-Control: max-age=259200
Connection: close
Date: Sun, 31 Aug 2014 00:38:21 GMT
Pragma: no-cache
Location: http://hotzonepqnn.info/sexgospital?sid=269188418
Server: nginx/1.0.14
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Wed, 03 Sep 2014 00:38:21 GMT
Set-Cookie: PHPSESSID=0q5fs7e6g0vre0p7aguf3btfs7; path=/
X-Powered-By: PHP/5.3.10
suspicious

Scanned pages/files

RequestServer responseStatus
http://www.78site.ru/
500 timeout
Content-Length: 30
Content-Type: text/plain
clean
http://www.78site.ru/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Sun, 31 Aug 2014 00:38:23 GMT
Location: http://bitly.com/STTMlN
Server: Apache
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1
clean
http://bitly.com/sttmln
HTTP/1.1 301 Moved Permanently
Cache-Control: private; max-age=90
Connection: close
Date: Sun, 31 Aug 2014 00:38:25 GMT
Location: http://www.22b.net/
Server: nginx
Content-Length: 111
Content-Type: text/html; charset=utf-8
Mime-Version: 1.0
Set-Cookie: _bit=54026e81-00363-00983-3b1cf10a;domain=.bitly.com;expires=Fri Feb 27 00:38:25 2015;path=/; HttpOnly
clean
http://www.22b.net/
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Sun, 31 Aug 2014 00:38:25 GMT
Age: 1
Location: http://august13.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
clean
http://august13.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: max-age=900
Connection: close
Date: Sun, 31 Aug 2014 00:38:26 GMT
Age: 0
Location: http://www.june26.com
Server: Microsoft-IIS/7.5
Content-Length: 0
Content-Type: text/html
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
clean
http://www.june26.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 31 Aug 2014 00:38:26 GMT
Location: http://june26.com/
Server: Microsoft-IIS/8.0
Content-Length: 141
Content-Type: text/html; charset=UTF-8
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
clean
http://june26.com/
200 OK
Content-Length: 40277
Content-Type: text/html
clean
https://apis.google.com/js/plusone.js
200 OK
Content-Length: 12388
Content-Type: application/javascript
clean
http://pagead2.googlesyndication.com/pagead/show_ads.js
200 OK
Content-Length: 21259
Content-Type: text/javascript
clean
http://www.google.com/coop/cse/brand?form=searchbox_018151311854596026525%3Aim7ixqvhtbg
200 OK
Content-Length: 2561
Content-Type: text/javascript
clean
http://www.78site.ru//www.blogger.com/static/v1/widgets/3274410642-widgets.js/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 31 Aug 2014 00:38:28 GMT
Location: http://bitly.com/STTMlN
Server: Apache
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1
clean
http://bitly.com/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Sun, 31 Aug 2014 00:38:30 GMT
Location: https://bitly.com/test404page.js
Server: nginx
Content-Length: 0
Content-Type: text/html; charset=UTF-8
clean
https://bitly.com/test404page.js
404 Not Found
Content-Length: 9227
Content-Type: text/html
clean
https://bitly.com/
200 OK
Content-Length: 12611
Content-Type: text/html
clean
https://bitly.com//ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js/
404 Not Found
Content-Length: 9227
Content-Type: text/html
clean
https://bitly.com//d3h5jhobc20ump.cloudfront.net/f85dc948f620c661e54d9a77081899c7.js/
404 Not Found
Content-Length: 9227
Content-Type: text/html
clean
https://bitly.com//dl6fh5ptkejqa.cloudfront.net/dccb7a49d1fad39fc5596bdb43937d91.js/
404 Not Found
Content-Length: 9227
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=78site.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://78site.ru/

Result: 78site.ru is not infected or malware details are not published yet.