New scan:

Malware Scanner report for fitboll.ru

Malicious/Suspicious/Total urls checked
0/4/17
4 pages have suspicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "fitboll.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/1
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=fitboll.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://fitboll.ru/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://fitboll.ru/
200 OK
Content-Length: 15622
Content-Type: text/html
clean
http://fitboll.ru/plugins/system/JCH_Optimize/jscss.php?f=77dac5b826e5c72ebddf40997df97ccd&type=js
200 OK
Content-Length: 7449
Content-Type: text/javascript
clean
http://shop.goodbody.ru/banner/windows-1251/charset.js
HTTP/1.1 302 Found
Connection: close
Date: Sun, 24 Aug 2014 02:34:26 GMT
Location: ../_api_1.js
Server: Apache/2.2.3 (CentOS)
Content-Length: 0
Content-Type: application/x-javascript; charset=windows-1251
X-Powered-By: PHP/5.2.10
clean
http://shop.goodbody.ru/banner/windows-1251/../_api_1.js
200 OK
Content-Length: 93175
Content-Type: application/x-javascript
clean
http://shop.goodbody.ru/banner/blocks2.beta.js?ps_pid=8458042&ps_blockid=76298&ps_cols=1&ps_rows=10&ps_cat=&ps_partn=&ps_feed_type=all&ps_feed_search=фитбол, фитболл, мяч, гимнастический, шар, болл&ps_embed=0&ps_stretch=1&ps_tmpl=1&ps_rand=1&ps_charset=utf8&ps_reflink=0&ps_use_title=1&ps_colorFont=000000&ps_colorBackground=FFFFFF&ps_colorBorder=f0f0f0&ps_showPi <span>...87 symbols skipped</span>
200 OK
Content-Length: 1716
Content-Type: application/x-javascript
clean
http://www.goodbody.ru/banner/windows-1251/charset.js
200 OK
Content-Length: 8338
Content-Type: text/html
clean
http://www.goodbody.ru/test404page.js
HTTP/1.1 302 Found
Connection: close
Date: Sun, 24 Aug 2014 02:34:33 GMT
Location: http://www.goodbody.ru/index.php?Content=472&Data=015&menu=1
Server: Apache/2.2.15 (CentOS)
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
clean
http://www.goodbody.ru/index.php?content=472&data=015&menu=1
200 OK
Content-Length: 83551
Content-Type: text/html
suspicious
Suspicious code found

<div class="express-request"><div class="bg-top"><div class="cnt"><div class="descr"><!-- <ol><li>Íå óäàåòñÿ ñäåëàòü çàêàç ÷åðåç êîðçèíó? </li><li>Òðóäíî ðàçîáðàòüñÿ â ôîðìå çàêàçà? </li><li>Íåîáõîäèìî ñäåëàòü óòî÷íåíèÿ ïåðåä çàêàçîì? </li></ol> --><strong>Âîñïîëüçóéòåñü &laquo;ÝÊÑÏÐÅÑÑ çàÿâêîé&raquo; è â òå÷åíèå ÷àñà (â ðàáî÷åå âðåìÿ) Âàì ïîçâîíèò íàø ìåíåäæåð!</strong> </div><form action
... 442 bytes are skipped ...
"textfield" type="text" name="fast_phone" value="" /></div><div>Òåêñò çàÿâêè</div> <div><textarea id="express-textarea" class="no-text" name="fast_comment" cols="80" rows="10">Íàïèøèòå â ïðîèçâîëüíîì âèäå, ÷òî Âû õîòèòå çàêàçàòü èëè óòî÷íèòü, à çàòåì íàæìèòå êíîïêó "Îòïðàâèòü".</textarea><input class="btn" type="image" src="/images/express-btn.png" /></div></form></div></div><div class="bg-bottom"></div></div>

http://www.goodbody.ru/js/jquery.js
200 OK
Content-Length: 183184
Content-Type: text/javascript
clean
http://www.goodbody.ru/js/cusel-min.js
200 OK
Content-Length: 20936
Content-Type: text/javascript
clean
http://www.goodbody.ru/js/Submenu.js
200 OK
Content-Length: 601
Content-Type: text/javascript
clean
http://www.goodbody.ru/js/JustifyElements.js
200 OK
Content-Length: 948
Content-Type: text/javascript
clean
http://www.goodbody.ru/js/goodbody.js
200 OK
Content-Length: 9787
Content-Type: text/javascript
clean
http://www.goodbody.ru/js/actions.js
200 OK
Content-Length: 2081
Content-Type: text/javascript
clean
http://www.goodbody.ru/
200 OK
Content-Length: 83485
Content-Type: text/html
suspicious
Suspicious code found

<div class="express-request"><div class="bg-top"><div class="cnt"><div class="descr"><!-- <ol><li>Íå óäàåòñÿ ñäåëàòü çàêàç ÷åðåç êîðçèíó? </li><li>Òðóäíî ðàçîáðàòüñÿ â ôîðìå çàêàçà? </li><li>Íåîáõîäèìî ñäåëàòü óòî÷íåíèÿ ïåðåä çàêàçîì? </li></ol> --><strong>Âîñïîëüçóéòåñü &laquo;ÝÊÑÏÐÅÑÑ çàÿâêîé&raquo; è â òå÷åíèå ÷àñà (â ðàáî÷åå âðåìÿ) Âàì ïîçâîíèò íàø ìåíåäæåð!</strong> </div><form action
... 397 bytes are skipped ...
"textfield" type="text" name="fast_phone" value="" /></div><div>Òåêñò çàÿâêè</div> <div><textarea id="express-textarea" class="no-text" name="fast_comment" cols="80" rows="10">Íàïèøèòå â ïðîèçâîëüíîì âèäå, ÷òî Âû õîòèòå çàêàçàòü èëè óòî÷íèòü, à çàòåì íàæìèòå êíîïêó "Îòïðàâèòü".</textarea><input class="btn" type="image" src="/images/express-btn.png" /></div></form></div></div><div class="bg-bottom"></div></div>

http://www.goodbody.ru/937/021/1/
200 OK
Content-Length: 28253
Content-Type: text/html
suspicious
Suspicious code found

<div class="express-request"><div class="bg-top"><div class="cnt"><div class="descr"><!-- <ol><li>Íå óäàåòñÿ ñäåëàòü çàêàç ÷åðåç êîðçèíó? </li><li>Òðóäíî ðàçîáðàòüñÿ â ôîðìå çàêàçà? </li><li>Íåîáõîäèìî ñäåëàòü óòî÷íåíèÿ ïåðåä çàêàçîì? </li></ol> --><strong>Âîñïîëüçóéòåñü &laquo;ÝÊÑÏÐÅÑÑ çàÿâêîé&raquo; è â òå÷åíèå ÷àñà (â ðàáî÷åå âðåìÿ) Âàì ïîçâîíèò íàø ìåíåäæåð!</strong> </div><form action
... 407 bytes are skipped ...
"textfield" type="text" name="fast_phone" value="" /></div><div>Òåêñò çàÿâêè</div> <div><textarea id="express-textarea" class="no-text" name="fast_comment" cols="80" rows="10">Íàïèøèòå â ïðîèçâîëüíîì âèäå, ÷òî Âû õîòèòå çàêàçàòü èëè óòî÷íèòü, à çàòåì íàæìèòå êíîïêó "Îòïðàâèòü".</textarea><input class="btn" type="image" src="/images/express-btn.png" /></div></form></div></div><div class="bg-bottom"></div></div>

http://www.goodbody.ru/12/008/1/
200 OK
Content-Length: 39664
Content-Type: text/html
suspicious
Suspicious code found

<div class="express-request"><div class="bg-top"><div class="cnt"><div class="descr"><!-- <ol><li>Íå óäàåòñÿ ñäåëàòü çàêàç ÷åðåç êîðçèíó? </li><li>Òðóäíî ðàçîáðàòüñÿ â ôîðìå çàêàçà? </li><li>Íåîáõîäèìî ñäåëàòü óòî÷íåíèÿ ïåðåä çàêàçîì? </li></ol> --><strong>Âîñïîëüçóéòåñü &laquo;ÝÊÑÏÐÅÑÑ çàÿâêîé&raquo; è â òå÷åíèå ÷àñà (â ðàáî÷åå âðåìÿ) Âàì ïîçâîíèò íàø ìåíåäæåð!</strong> </div><form action
... 406 bytes are skipped ...
"textfield" type="text" name="fast_phone" value="" /></div><div>Òåêñò çàÿâêè</div> <div><textarea id="express-textarea" class="no-text" name="fast_comment" cols="80" rows="10">Íàïèøèòå â ïðîèçâîëüíîì âèäå, ÷òî Âû õîòèòå çàêàçàòü èëè óòî÷íèòü, à çàòåì íàæìèòå êíîïêó "Îòïðàâèòü".</textarea><input class="btn" type="image" src="/images/express-btn.png" /></div></form></div></div><div class="bg-bottom"></div></div>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: fitboll.ru

Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Sun, 24 Aug 2014 02:34:24 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Sun, 24 Aug 2014 02:34:24 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0ad4073308cd87e85f639446c17a7a3a=f4b4a928ae4a92aa90eefe3d0909e266; path=/
Set-Cookie: ja_trona_tpl=ja_trona; expires=Fri, 14-Aug-2015 02:34:23 GMT; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: fitboll.ru
Referer: http://www.google.com/search?q=fitboll.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.