Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sova.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://sova.ru/ | 200 OK Content-Length: 43961 Content-Type: text/html | clean |
http://sova.ru/main_control_js/blendtrans.js | 200 OK Content-Length: 3993 Content-Type: application/javascript | clean |
http://sova.ru/sys/mainmenu.js | 200 OK Content-Length: 14579 Content-Type: application/javascript | clean |
http://sova.ru/sys/menu.js | 200 OK Content-Length: 8364 Content-Type: application/javascript | clean |
http://sova.ru/mvdv_php/tools/link_counter.js | 200 OK Content-Length: 1695 Content-Type: application/javascript | clean |
http://sova.ru/anons/access.js | 200 OK Content-Length: 1694 Content-Type: application/javascript | clean |
http://sova.ru/sys_mine/tooltip.js | 200 OK Content-Length: 1209 Content-Type: application/javascript | clean |
http://sova.ru/sys/javascript.php | 200 OK Content-Length: 3315 Content-Type: text/html | clean |
http://sova.ru/test404page.js | 404 Not Found Content-Length: 0 Content-Type: text/html | clean |
http://sova.ru/xml/news1.rss | 200 OK Content-Length: 5102 Content-Type: application/xml | clean |
http://sova.ru/journal/rss_help.htm | 200 OK Content-Length: 9522 Content-Type: text/html | clean |
http://sova.ru/news/1/2/2/all.htm | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 07:48:29 GMT Location: http://www.airshow.ru/php/redirect.php?req_url=http%3A%2F%2Fwww.sova.ru%2Fnews%2F1%2F2%2F2%2Fall.htm Server: nginx/0.7.67 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=windows-1251 X-Powered-By: PHP/5.3.3-7+squeeze18 | clean |
http://www.airshow.ru/php/redirect.php?req_url=http%3a%2f%2fwww.sova.ru%2fnews%2f1%2f2%2f2%2fall.htm | 200 OK Content-Length: 325 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.sova.ru
<html><body> <form name="form_refresh" method="post" action="http://www.sova.ru/news/1/2/2/all.htm"> </form> <Script Language="JavaScript"><!-- document.forms['form_refresh'].submit(); //var redir = "http://www.sova.ru/news/1/2/2/all.htm"; //window.open(redir,"_self"); //--></Script> </body></html>
http://sova.ru/anons/collection.php | 200 OK Content-Length: 18067 Content-Type: text/html | clean |
http://sova.ru/anons/collection.php?page_txt=1 | 200 OK Content-Length: 14736 Content-Type: text/html | clean |
http://sova.ru/anons/collection.php?page_txt=0 | 200 OK Content-Length: 18067 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sova.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=300, must-revalidate
Connection: close
Date: Sun, 14 Sep 2014 07:48:26 GMT
Server: nginx/0.7.67
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Sun, 14 Sep 2014 07:53:26 GMT
Last-Modified: Sun, 14 Sep 2014 06:48:26 GMT
Set-Cookie: user_ident=deleted; expires=Sat, 14-Sep-2013 07:48:25 GMT; path=/
Set-Cookie: user_ident=958272040; expires=Wed, 24-Jan-2024 20:00:00 GMT; path=/
X-Powered-By: PHP/5.3.3-7+squeeze18
Second query (visit from search engine):
GET / HTTP/1.1
Host: sova.ru
Referer: http://www.google.com/search?q=sova.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.