Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=avtotrans.net
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://avtotrans.net/ | 200 OK Content-Length: 29522 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js | 200 OK Content-Length: 57254 Content-Type: text/javascript | clean |
http://avtotrans.net/js/func_other.js | 200 OK Content-Length: 4692 Content-Type: application/javascript | clean |
http://avtotrans.net/js/func_add_car_gruz.js | 200 OK Content-Length: 9912 Content-Type: application/javascript | clean |
http://avtotrans.net/js/ui/ui/ui.datepicker.js | 200 OK Content-Length: 69877 Content-Type: application/javascript | clean |
http://avtotrans.net/js/ui/ui/i18n/ui.datepicker-ru.js | 200 OK Content-Length: 929 Content-Type: application/javascript | clean |
http://focus.ua/informers.hnd?cnt=10&c=0&e=2&ni=1 | 404 Not Found Content-Length: 13700 Content-Type: text/html | clean |
http://focus.ua/js/jquery-1.9.1.min.js | 200 OK Content-Length: 92593 Content-Type: text/javascript | clean |
http://focus.ua/js/jquery.jcarousel.min.js | 200 OK Content-Length: 17461 Content-Type: text/javascript | clean |
http://focus.ua/js/jquery.history.js | 200 OK Content-Length: 22928 Content-Type: text/javascript | clean |
http://focus.ua/js/jquery-scrolltofixed.js | 200 OK Content-Length: 20865 Content-Type: text/javascript | clean |
http://focus.ua/js/js.js | 200 OK Content-Length: 24927 Content-Type: text/javascript | clean |
http://i.holder.com.ua/t/holder.js | 200 OK Content-Length: 6167 Content-Type: application/x-javascript | clean |
http://i.mediatraffic.com.ua/js/uho/mt20.js | 200 OK Content-Length: 8910 Content-Type: application/x-javascript | clean |
http://focus.ua/articles/ | 200 OK Content-Length: 45151 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. (function(){ var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById'; var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootN14108")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];} catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootN14108");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=14108;c[ac](dv); var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="//jsn.marketgid.com/f/o/focus.ua.14108.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})(); |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: avtotrans.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 28 Jan 2015 07:02:27 GMT
Server: nginx admin
Vary: Accept-Encoding
Content-Type: text/html
X-Cache: HIT from Backend
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: avtotrans.net
Referer: http://www.google.com/search?q=avtotrans.net
Result:
The result is similar to the first query. There are no suspicious redirects found.