Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ms-protvino.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ms-protvino.ru/ | 200 OK Content-Length: 19331 Content-Type: text/html | malicious |
Page code contains blacklisted domain: staatis.zyns.com
<!DOCTYPE html> <html> <head> <title>Официальный сайт – Протвинский мясокомбинат</title> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="cmsmagazine" content="4844a40c52c44f1512d7761a02245ba5" /> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.m ...[4110 bytes skipped]...
Malicious iFrame found. size: 468x60 src: http://staatis.zyns.com/out.php?sid=3
This URL is marked by Google as suspicious
<iframe src="http://staatis.zyns.com/out.php?sid=3" width="468" height="60" style="position:absolute;left:-10000px;">
Malicious iFrame found. size: 468x60 src: http://starsic.zyns.com/out.php?sid=3
This URL is marked by Google as suspicious
<iframe src="http://starsic.zyns.com/out.php?sid=3" width="468" height="60" style="position:absolute;left:-10000px;">
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js | 200 OK Content-Length: 93435 Content-Type: text/javascript | clean |
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/templates/main/slider/jquery.bxslider.min.js?141259234819123/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://ms-protvino.ru/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/templates/main/fancybox/lib/jquery.mousewheel-3.0.6.pack.js?14125923491384/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://ms-protvino.ru/bitrix/templates/main/fancybox/source/jquery.fancybox.pack.js?v=2.1.5 | 200 OK Content-Length: 23135 Content-Type: application/x-javascript | clean |
http://api-maps.yandex.ru/2.1/?lang=ru_RU | 200 OK Content-Length: 115445 Content-Type: text/javascript | clean |
http://ms-protvino.ru//ms-protvino.ru.js.1c-bitrix-cdn.ru/bitrix/cache/js/s1/main/kernel_main/kernel_main.js?1415781545317507/ | 200 OK Content-Length: 0 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ms-protvino.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 27 Jan 2015 14:25:29 GMT
Pragma: no-cache
Server: nginx/1.6.2
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Set-Cookie: PHPSESSID=1dfc11bbcb0a8254105deb73a7efd57b; path=/; HttpOnly
X-Powered-By: PHP/5.3.13
X-Powered-CMS: Bitrix Site Manager (4bd320ffb0621369afef5bd28e09e533)
Second query (visit from search engine):
GET / HTTP/1.1
Host: ms-protvino.ru
Referer: http://www.google.com/search?q=ms-protvino.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.