Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gostinium.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gostinium.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://gostinium.ru/ | 200 OK Content-Length: 51405 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <meta http ...[4310 bytes skipped]... | ||
http://gostinium.ru/wp-includes/js/jquery/jquery.js?ver=1.7.2 | 200 OK Content-Length: 94861 Content-Type: application/javascript | clean |
http://gostinium.ru/wp-content/themes/gonzo/js/libs/modernizr-2.0.6.min.js?ver=3.4.2 | 200 OK Content-Length: 15299 Content-Type: application/javascript | clean |
http://gostinium.ru/wp-content/themes/gonzo/js/scripts.js?ver=3.4.2 | 200 OK Content-Length: 103652 Content-Type: application/javascript | clean |
http://gostinium.ru//www.travelpayouts.com/widgets/fc00f0ee7489e02ef508d0a192e038dd.js?v=68/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Sun, 14 Sep 2014 21:06:25 GMT Pragma: no-cache Location: http://gostinium.ru/www.travelpayouts.com/widgets/fc00f0ee7489e02ef508d0a192e038dd.js?v=68/ Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Last-Modified: Sun, 14 Sep 2014 21:06:25 GMT X-Pingback: http://gostinium.ru/xmlrpc.php X-Powered-By: PHP/5.3.28 | clean |
http://gostinium.ru/www.travelpayouts.com/widgets/fc00f0ee7489e02ef508d0a192e038dd.js?v=68/ | 404 Not Found Content-Length: 33133 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <meta http ...[4310 bytes skipped]... | ||
http://counter.rambler.ru/top100.jcn?2807163 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://gostinium.ru/allhotels/ | 200 OK Content-Length: 32373 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <met ...[4277 bytes skipped]... | ||
http://gostinium.ru/wp-includes/js/comment-reply.js?ver=3.4.2 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://gostinium.ru/contacts/ | 200 OK Content-Length: 33251 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <meta http ...[4292 bytes skipped]... | ||
http://gostinium.ru/avia/ | 200 OK Content-Length: 34421 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <met ...[4267 bytes skipped]... | ||
http://gostinium.ru/poisk-turov/ | 200 OK Content-Length: 43367 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: reservation.gostinium.ru <!doctype html > <!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]--> <!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]--> <!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]--> <!--[if gt IE 8]><!--> <html class="no-js" dir="ltr" lang="ru-RU"> <!--<![endif]--> <head> <meta http ...[4282 bytes skipped]... | ||
http://www.grandtravelgroup.com/module/script?domain=tours.gostinium.ru | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 14 Sep 2014 21:06:30 GMT Location: http://www.grandtravelgroup.com/module/script/?domain=tours.gostinium.ru Server: cloudflare-nginx Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 CF-RAY: 169f8c7a2f3b0f81-FRA Set-Cookie: __cfduid=ded5aa04fb30e4d3a12a52e4b28d2d6aa1410728790105; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.grandtravelgroup.com; HttpOnly | clean |
http://www.grandtravelgroup.com/module/script/?domain=tours.gostinium.ru | 200 OK Content-Length: 89645 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tours.gostinium.ru ...[1232 bytes skipped]... <div class="ember-view gtg-form-block gtg-form-block-inline"><div class="gtg-form-head"> <span class="gtg-maintitle">ÐÐÐСРРÐÐ ÐÐÐÐ ÐÐÐÐÐРТУРÐÐ</span> <span class="gtg-subtitle">мониторинг спецпредложений от 150 туроператоров России и стран СНГ</span></div>'); document.write('<form id="gtg-form" action="http://tours.gostinium.ru/search" method="POST" target="_blank">'); document.write('<input name="departFrom" value="" type="hidden"/><input name="departTo" value="" type="hidden"/><input type="hidden" value="" name="partner" />'); document.write('<div class="gtg-left-part"> Город вылета:<br /> <span class="gorod"><select name="city" class="gtg-select-left"><option value="1264">Санкт-Петербург</option><op ...[2705 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
https://www.grandtravelgroup.com/js/ui.datepicker.js | 200 OK Content-Length: 61287 Content-Type: application/javascript | clean |
http://www.grandtravelgroup.com/portal/static/js/fast-app.js | 200 OK Content-Length: 6741 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gostinium.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Sep 2014 21:06:23 GMT
Server: nginx/1.6.0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://gostinium.ru/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: gostinium.ru
Referer: http://www.google.com/search?q=gostinium.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.