New scan:

Malware Scanner report for liberty-travel.ru

Malicious/Suspicious/Total urls checked
0/0/15
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://bitly.com/sttmln
317 websites infected.
->http://goo.gl/0rxysb
3273 websites infected.
->http://sh.oowoo.ru/redsh.php
78 websites infected.
->http://fastmambo.biz/?s=370


The website "liberty-travel.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://liberty-travel.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: liberty-travel.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Connection: close
Date: Fri, 12 Sep 2014 16:49:24 GMT
Location: http://bitly.com/STTMlN
Server: nginx/1.6.0
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1
malicious
URL: http://bitly.com/STTMlN
(imitation of visitor from search engine)

GET /STTMlN HTTP/1.1
Host: bitly.com
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 301 Moved Permanently
Cache-Control: private; max-age=90
Connection: close
Date: Fri, 12 Sep 2014 16:49:24 GMT
Location: http://goo.gl/0rXySb
Server: nginx
Content-Length: 112
Content-Type: text/html; charset=utf-8
Mime-Version: 1.0
Set-Cookie: _bit=54132414-000f0-07f2e-431cf10a;domain=.bitly.com;expires=Wed Mar 11 16:49:24 2015;path=/; HttpOnly
malicious
URL: http://goo.gl/0rXySb
(imitation of visitor from search engine)

GET /0rXySb HTTP/1.1
Host: goo.gl
Referer: http://www.google.com/search?q=redirect+check3
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: close
Date: Fri, 12 Sep 2014 16:45:35 GMT
Pragma: no-cache
Age: 229
Location: http://sh.oowoo.ru/redsh.php
Server: GSE
Content-Type: text/html; charset=UTF-8
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Alternate-Protocol: 80:quic,p=0.002
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
malicious
URL: http://sh.oowoo.ru/redsh.php
(imitation of visitor from search engine)

GET /redsh.php HTTP/1.1
Host: sh.oowoo.ru
Referer: http://www.google.com/search?q=redirect+check4
HTTP/1.1 302 Found
Connection: close
Date: Fri, 12 Sep 2014 16:48:03 GMT
Location: http://fastmambo.biz/?s=370
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=CP1251
X-Powered-By: PHP/5.2.17
suspicious

Scanned pages/files

RequestServer responseStatus
http://liberty-travel.ru/
200 OK
Content-Length: 19871
Content-Type: text/html
clean
http://liberty-travel.ru/wp-content/themes/Liberty/js/jq.js
200 OK
Content-Length: 83500
Content-Type: application/x-javascript
clean
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
200 OK
Content-Length: 91556
Content-Type: text/javascript
clean
http://liberty-travel.ru/wp-content/themes/Liberty/js/slider.js
200 OK
Content-Length: 18799
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/themes/Liberty/function.js
200 OK
Content-Length: 143
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-includes/js/jquery/jquery.js?ver=1.11.0
200 OK
Content-Length: 96402
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 7200
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/fotorama/fotorama.js?ver=3.9.2
200 OK
Content-Length: 37411
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/fotorama/fotorama-wp.js?ver=3.9.2
200 OK
Content-Length: 571
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/wp-responsive-slider-with-lightbox/js/images-responsive-thumbnail-slider-plus-lightbox-jc.js?ver=3.9.2
200 OK
Content-Length: 49469
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/wp-responsive-slider-with-lightbox/js/l-box-js.js?ver=3.9.2
200 OK
Content-Length: 16987
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.50.0-2014.02.05
200 OK
Content-Length: 16305
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.8
200 OK
Content-Length: 9630
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider-min.js?ver=2.8.1
200 OK
Content-Length: 53526
Content-Type: application/x-javascript
clean
http://liberty-travel.ru/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=2.8.1
200 OK
Content-Length: 5564
Content-Type: application/x-javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=liberty-travel.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://liberty-travel.ru/

Result: liberty-travel.ru is not infected or malware details are not published yet.