New scan:

Malware Scanner report for vesti-ua.net

Malicious/Suspicious/Total urls checked
0/1/15
1 page has suspicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://web-redirect.ru/?web
453 websites infected. web-redirect.ru is marked by Yandex as suspicious.
->http://rosmetsar.ru/components/com_weblinks/2/separator.php


The website "vesti-ua.net" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://vesti-ua.net/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: vesti-ua.net
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Sep 2014 21:17:31 GMT
Pragma: no-cache
Location: http://web-redirect.ru/?web
Server: nginx/1.2.1
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: _cutt_caches_images=1410902251; expires=Wed, 17-Sep-2014 21:17:31 GMT; path=/
Set-Cookie: PHPSESSID=fi15gslkdalirhir28figpa2q6; path=/
X-Powered-By: PHP/5.4.4-14+deb7u8
malicious
URL: http://web-redirect.ru/?web
(imitation of visitor from search engine)

GET /?web HTTP/1.1
Host: web-redirect.ru
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 302 Found
Cache-Control: max-age=0
Connection: close
Date: Tue, 16 Sep 2014 21:15:26 GMT
Pragma: no-cache
Location: http://rosmetsar.ru/components/com_weblinks/2/separator.php
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Tue, 16 Sep 2014 21:15:26 GMT
X-Powered-By: PHP/5.3.3
suspicious

Scanned pages/files

RequestServer responseStatus
http://vesti-ua.net/
200 OK
Content-Length: 74031
Content-Type: text/html
suspicious
Suspicious code. Script contains iFrame.

(function(){
var D=new Date(),d=document,b='body',ce='createElement',ac='appendChild',st='style',ds='display',n='none',gi='getElementById';
var i=d[ce]('iframe');i[st][ds]=n;d[gi]("MarketGidScriptRootC566289")[ac](i);try{var iw=i.contentWindow.document;iw.open();iw.writeln("<ht"+"ml><bo"+"dy></bo"+"dy></ht"+"ml>");iw.close();var c=iw[b];}
catch(e){var iw=d;var c=d[gi]("MarketGidScriptRootC566289");}var dv=iw[ce]('div');dv.id="MG_ID";dv[st][ds]=n;dv.innerHTML=566289;c[ac](dv);
var s=iw[ce]('script');s.async='async';s.defer='defer';s.charset='utf-8';s.src="http://jsc.marketgid.com/v/e/vesti-ua.net.566289.js?t="+D.getYear()+D.getMonth()+D.getDate()+D.getHours();c[ac](s);})();

http://b.c8.net.ua/b/js/preroll.js
200 OK
Content-Length: 36961
Content-Type: application/x-javascript
clean
http://b.c8.net.ua/b/js/swfobject.js
200 OK
Content-Length: 6880
Content-Type: application/x-javascript
clean
http://vesti-ua.net/engine/classes/min/index.php?charset=utf-8&g=general&6
200 OK
Content-Length: 179945
Content-Type: application/x-javascript
clean
http://vesti-ua.net/templates/vestiua/js/jquery.ttabs.js
200 OK
Content-Length: 1006
Content-Type: application/x-javascript
clean
http://vesti-ua.net//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://vesti-ua.net/test404page.js
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://vesti-ua.net//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js/
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://traffim.com/informer/33159.js
200 OK
Content-Length: 7211
Content-Type: text/html
clean
http://js.ru.redtram.com/n4p/0/26/ticker_26596.js
200 OK
Content-Length: 18070
Content-Type: application/javascript
clean
http://vesti-ua.net//vk.com/js/api/openapi.js?98/
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://vesti-ua.net//vk.com/js/api/openapi.js?110/
404 Not Found
Content-Length: 570
Content-Type: text/html
clean
http://js.ru.redtram.com/n4p/0/26/ticker_26591.js
200 OK
Content-Length: 15142
Content-Type: application/javascript
clean
http://counter.rambler.ru/top100.jcn?2813855
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://webo4ka.ru/Ucoz6/topvk_knopka_nazad_i_vverx_kak_v_vk.js
200 OK
Content-Length: 2116
Content-Type: text/javascript
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=vesti-ua.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vesti-ua.net/

Result: vesti-ua.net is not infected or malware details are not published yet.