Scanned pages/files
| Request | Server response | Status |
| --- | --- | --- |
| http://intourist.travel/ | 200 OK; Content-Length: 60206; Content-Type: text/html | suspicious |
| http://intourist.travel/media/system/js/mootools-core.js | 200 OK; Content-Length: 96362; Content-Type: application/javascript | clean |
| http://intourist.travel/media/system/js/core.js | 200 OK; Content-Length: 4784; Content-Type: application/javascript | clean |
| http://intourist.travel/components/com_k2/js/k2.js?v2.6.7&sitepath=/ | 200 OK; Content-Length: 8007; Content-Type: application/javascript | clean |
| http://intourist.travel/media/system/js/caption.js | 200 OK; Content-Length: 729; Content-Type: application/javascript | clean |
| http://intourist.travel/media/system/js/mootools-more.js | 200 OK; Content-Length: 238331; Content-Type: application/javascript | clean |
| http://intourist.travel/media/mod_vt_nivo_slider/js/jquery/latest/jquery.min.js | 200 OK; Content-Length: 93107; Content-Type: application/javascript | clean |
| http://intourist.travel/media/mod_vt_nivo_slider/js/jquery.nivo.slider.min.js | 200 OK; Content-Length: 12201; Content-Type: application/javascript | clean |
| http://intourist.travel//vk.com/js/api/openapi.js?87/ | 404 Not Found; Content-Length: 1734; Content-Type: text/html | clean |
| http://intourist.travel/test404page.js | 404 Not Found; Content-Length: 1734; Content-Type: text/html | clean |
| http://intourist.travel/templates/intourist/jquery.js | 200 OK; Content-Length: 92793; Content-Type: application/javascript | clean |
| http://intourist.travel/templates/intourist/script.js | 200 OK; Content-Length: 43573; Content-Type: application/javascript | clean |
| http://intourist.travel/templates/intourist/script.responsive.js | 200 OK; Content-Length: 16691; Content-Type: application/javascript | clean |
| http://ui.sletat.ru/client/linker.js?settings={formViewMode:'block'}&sfx=_6doV5 | 200 OK; Content-Length: 33686; Content-Type: text/javascript | clean |
| http://ui.sletat.ru/client/linker_hot.js?settings={formViewMode:'block'}&sfx=_lFWgH | 200 OK; Content-Length: 24271; Content-Type: text/javascript | clean |

Details for http://intourist.travel/ (flagged suspicious):

Hidden iFrame found. Size: 645x320, style: hidden, src: http://ui.sletat.ru/hotresult.html?sfx=_lfwgh&fbg=ffffff&mbg=ffffff&bbg=ffffff&bbd=eeeeee&cbd=abadb3&c1=222222&c2=838383&c3=9d1414&c4=dac6a1&style=.sqrd.country%20span%23main%7bfont-weight%3a%20normal%20!important%3b%7d.sqrd.country%20span%23main%7bfont-style%3a%20italic%20!important%3b%7d&currency=rub&rc=5&settings={
Element: <iframe allowtransparency="true" onload="sm2_sly_lfwgh.init()" id="sm2_slyresult_lfwgh" src="http://ui.sletat.ru/hotresult.html?sfx=_lfwgh&fbg=ffffff&mbg=ffffff&bbg=ffffff&bbd=eeeeee&cbd=abadb3&c1=222222&c2=838383&c3=9d1414&c4=dac6a1&style=.sqrd.country%20span%23main%7bfont-weight%3a%20normal%20!important%3b%7d.sqrd.country%20span%23main%7bfont-style%3a%20italic%20!important%3b%7d&currency=rub&rc=5&settings={'plugins':[]}" height="320" width="645" frameborder="0" style="display:none" scrolling="no">

Hidden iFrame found. Size: 505x150, style: hidden, src: http://ui.sletat.ru/searchresult.html?sfx=_6dov5&fbg=b8dcfc&mbg=ffffff&bbg=ffffff&bbd=eeeeee&cbd=abadb3&c1=222222&c2=838383&c3=9d1414&c4=dac6a1&style=p.caption%7bfont-weight%3a%20normal%20!important%3b%7dp.caption%7bfont-style%3a%20normal%20!important%3b%7d&tpl=w500&firstdelay=7000&rc=5&settings={
Element: <iframe allowtransparency="true" onload="sm_sly_6dov5.init()" id="sm_slyresult_6dov5" src="http://ui.sletat.ru/searchresult.html?sfx=_6dov5&fbg=b8dcfc&mbg=ffffff&bbg=ffffff&bbd=eeeeee&cbd=abadb3&c1=222222&c2=838383&c3=9d1414&c4=dac6a1&style=p.caption%7bfont-weight%3a%20normal%20!important%3b%7dp.caption%7bfont-style%3a%20normal%20!important%3b%7d&tpl=w500&firstdelay=7000&rc=5&settings={'plugins':[]}" height="150" width="505" frameborder="0" style="display:none;" scrolling="no">
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: intourist.travel
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Thu, 12 Jun 2014 19:59:11 GMT
Pragma: no-cache
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: ac0a531eebf8db37fc10715aa74f0e3e=a9c7cc458a619b8121a44f1fabadc581; path=/
X-Logged-In: False
Second query (visit from search engine):
GET / HTTP/1.1
Host: intourist.travel
Referer: http://www.google.com/search?q=intourist.travel
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=intourist.travel
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://intourist.travel/
Result: intourist.travel is not infected or malware details are not published yet.