New scan:

Malware Scanner report for xn--h1aaecngahu.com

Malicious/Suspicious/Total urls checked
0/1/4
1 page has suspicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "xn--h1aaecngahu.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/2
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=xn--h1aaecngahu.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://xn--h1aaecngahu.com/
HTTP/1.1 302 Found
Connection: close
Date: Sun, 11 Jan 2015 18:33:43 GMT
Location: http://portalmobi.com/in.cgi?4&group=kinopoisk--com
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
clean
http://portalmobi.com/in.cgi?4&group=kinopoisk--com
HTTP/1.1 302 Found
Connection: close
Date: Sun, 11 Jan 2015 18:53:20 GMT
Location: http://internet-ru.com/
Server: nginx
Content-Length: 287
Content-Type: text/html; charset=iso-8859-1
Set-Cookie: dmvgp=gI4hADQAAwA.AaDGslT__6DGslQrAKDGslRAAAEAAACgxrJUAA--; expires=Mon, 11-Jan-2016 18:53:20 GMT; path=/; domain=portalmobi.com
clean
http://internet-ru.com/
200 OK
Content-Length: 4227
Content-Type: text/html
suspicious
Suspicious code found


<div id="logo">
<h1>Èíòåðíåò&nbsp;ñîåäèíåíèå...</h1>
<table cellpadding="0" cellspacing="0" width="100%">
<tbody><tr>
<td style="padding: 4px 0pt 5px;" width="300">
Ñâÿçü ïðåäîñòàâëåíà ÎÀÎ "Èíòåðíåò Ðó". Ìàãèñòðàëüíûé îïåðàòîð ñåòåâîãî äîñòóïà è àãðåãàòîð ðåãèîíàëüíûõ òåëåêîììóíèêàöèîííûõ ñåòåé.
</td>
<td class="tCenter" style="padding: 0pt 6px;">
<font face="arial" size="2">&
... 65 bytes are skipped ...
X Service Alarm: Ïðåâûøåí ëèìèò îäíîâðåìåííûõ ñîåäèíåíèé. Îòêàç ÁÄ. (Error #1035).<br>
> Çàïðîøåííûé Ñåðâåð ïåðåãðóæåí, èäåò êýøèðîâàíèå òðàôèêà ïî ïðîòîêîëó IPTSV6.&nbsp;&nbsp;<?
echo date("H:i:s Ìñê d.m.Y",time()+3*3600); ?><br>
> Ïîëüçîâàòåëü (IP *************) ïðîâåðåí: ÎÊ. Âûäåëåíèå íîâîãî äèíàìè÷åñêîãî äèàïàçîíà: $time=120 ñåê.<br></font>
</td>
</tr>
</tbody></table>
</div>

http://internet-ru.com/test404page.js
404 Not Found
Content-Length: 292
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: xn--h1aaecngahu.com

Result:
HTTP/1.1 302 Found
Connection: close
Date: Sun, 11 Jan 2015 18:33:43 GMT
Location: http://portalmobi.com/in.cgi?4&group=kinopoisk--com
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8

...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: xn--h1aaecngahu.com
Referer: http://www.google.com/search?q=xn--h1aaecngahu.com

Result:
The result is similar to the first query. There are no suspicious redirects found.