New scan:

Malware Scanner report for belgorod.com.ua

Malicious/Suspicious/Total urls checked
2/2/17
4 pages have malicious or suspicious code. See details below
Blacklists
OK
Malicious Redirects
Found
The website redirects visitors to the 3rd-party URL:
->http://belgorod.zatoka-ua.com/
belgorod.zatoka-ua.com is marked by Yandex as malicious.

The website "belgorod.com.ua" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/20
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: claralucia-sarmiento.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: claralucia-sarmiento.com
Referer: http://www.google.com/search?q=claralucia-sarmiento.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Scanned pages/files

RequestServer responseStatus
http://belgorod.com.ua/
HTTP/1.1 302 Found
Connection: close
Date: Wed, 23 Apr 2014 19:06:11 GMT
Location: http://belgorod.zatoka-ua.com/
Server: nginx admin
Content-Length: 214
Content-Type: text/html; charset=iso-8859-1
X-Cache: HIT from Backend
malicious
http://belgorod.zatoka-ua.com/
200 OK
Content-Length: 44286
Content-Type: text/html
suspicious
Page code contains blacklisted domain: odessa.kurorts.com

...[3541 bytes skipped]...
r._setDomainName(".zatoka-ua.com");
pageTracker._trackPageview();
} catch(err) {}</script>
</head>
<body>
<div class="upper"><div class="roller"><a href="#top"><img src="http://zatoka-ua.com/tpl/images/top.jpg" alt="" /></a></div></div>

<div id="container">
<div id="label_for_portals">
<a href="http://odessa.kurorts.com" target="_blank" id="odessa_tab"></a>
<a href="http://karpaty.kurorts.com" target="_blank" id="karpaty_tab"></a>
<a href="http://kiev.kurorts.com/" target="_blank" id="kiev_tab"></a>
</div>
<div class="top_banner">
<center>
<table cellpadding="0" cellspacing="0" width="100%"><tr>
<td><!--/* OpenX iFrame Tag v2.8.7 */-->
<!--/*
* This tag
...[47132 bytes skipped]...

http://zatoka-ua.com/tpl/scripts/jquery-1.4.2.min.js
200 OK
Content-Length: 72328
Content-Type: application/javascript
clean
http://zatoka-ua.com/tpl/scripts/jquery.validationEngine-ru.js
200 OK
Content-Length: 2800
Content-Type: application/javascript
clean
http://zatoka-ua.com/tpl/scripts/jquery.validationEngine.js
200 OK
Content-Length: 26724
Content-Type: application/javascript
clean
http://zatoka-ua.com/tpl/scripts/jquery.fancybox-1.3.4.pack.js
200 OK
Content-Length: 15669
Content-Type: application/javascript
clean
http://zatoka-ua.com/js/flowplayer-3.1.4.min.js
200 OK
Content-Length: 15960
Content-Type: application/javascript
clean
http://zatoka-ua.com/tpl/scripts/base.js
200 OK
Content-Length: 6120
Content-Type: application/javascript
clean
http://ulogin.ru/js/ulogin.js
200 OK
Content-Length: 34388
Content-Type: application/x-javascript
clean
http://informer.gismeteo.ru/flash/fcode.js
200 OK
Content-Length: 637
Content-Type: application/x-javascript
clean
http://userapi.com/js/api/openapi.js?49
200 OK
Content-Length: 63942
Content-Type: application/x-javascript
clean
http://belgorod.com.ua//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/
HTTP/1.1 302 Found
Connection: close
Date: Wed, 23 Apr 2014 19:06:17 GMT
Location: http://belgorod.zatoka-ua.com/translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/
Server: nginx admin
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1
malicious
http://belgorod.zatoka-ua.com/translate.google.com/translate_a/element.js?cb=googletranslateelementinit/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 23 Apr 2014 19:06:18 GMT
Pragma: no-cache
Location: http://zatoka-ua.com
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f61e494c153445d9d014c8ae49e243f8; expires=Fri, 23-May-2014 19:06:17 GMT; path=/; domain=.zatoka-ua.com
Set-Cookie: portal=new; expires=Fri, 24-Apr-2015 03:26:17 GMT; path=/; domain=.zatoka-ua.com
X-Powered-By: PHP/5.3.28
clean
http://zatoka-ua.com/
200 OK
Content-Length: 64962
Content-Type: text/html
suspicious
Page code contains blacklisted domain: odessa.kurorts.com

...[3215 bytes skipped]...
r._setDomainName(".zatoka-ua.com");
pageTracker._trackPageview();
} catch(err) {}</script>
</head>
<body>
<div class="upper"><div class="roller"><a href="#top"><img src="http://zatoka-ua.com/tpl/images/top.jpg" alt="" /></a></div></div>

<div id="container">
<div id="label_for_portals">
<a href="http://odessa.kurorts.com" target="_blank" id="odessa_tab"></a>
<a href="http://karpaty.kurorts.com" target="_blank" id="karpaty_tab"></a>
<a href="http://kiev.kurorts.com/" target="_blank" id="kiev_tab"></a>
</div>
<div class="top_banner">
<center>
<table cellpadding="0" cellspacing="0" width="100%"><tr>
<td><!--/* OpenX iFrame Tag v2.8.7 */-->
<!--/*
* This tag
...[71064 bytes skipped]...

http://zatoka-ua.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 23 Apr 2014 19:06:20 GMT
Pragma: no-cache
Location: http://zatoka-ua.com
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=ef4b51556f2d04efe1b2234e6594e6cc; expires=Fri, 23-May-2014 19:06:20 GMT; path=/; domain=.zatoka-ua.com
Set-Cookie: portal=main; expires=Fri, 24-Apr-2015 03:26:20 GMT; path=/; domain=.zatoka-ua.com
X-Powered-By: PHP/5.3.28
clean
http://zatoka-ua.com/test404page.js
HTTP/1.1 301 Moved Permanently
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 23 Apr 2014 19:06:21 GMT
Pragma: no-cache
Location: http://zatoka-ua.com
Server: nginx admin
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=de18e63aa3697be89c6f74cdddbf374e; expires=Fri, 23-May-2014 19:06:20 GMT; path=/; domain=.zatoka-ua.com
Set-Cookie: portal=main; expires=Fri, 24-Apr-2015 03:26:20 GMT; path=/; domain=.zatoka-ua.com
X-Powered-By: PHP/5.3.28
clean
http://userapi.com/js/api/openapi.js?45
200 OK
Content-Length: 63942
Content-Type: application/x-javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=belgorod.com.ua

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://belgorod.com.ua/

Result: belgorod.com.ua is not infected or malware details are not published yet.