Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zatoka.kurorts.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zatoka.kurorts.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zatoka.kurorts.com/ | 200 OK Content-Length: 58974 Content-Type: text/html | malicious |
Page code contains blacklisted domain: zatoka-ua.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ÐаÑока. ÐÑдÑÑ Ð² ÐаÑоке. ÐÑÑоÑÑ ÐаÑока на ЧеÑном моÑе под ÐдеÑÑой</title> <me ...[4109 bytes skipped]... Malicious iFrame found. size: 468x60 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a4aeeeef' name='a4aeeeef' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here' frameborder='0' scrolling='no' width='468' height='60'> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a04b6a79' name='a04b6a79' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id='ae9eefe2' name='ae9eefe2' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> Malicious iFrame found. size: 728x90 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="ace9e09a" name="ace9e09a" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="90" scrolling="no" width="728"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id="ab862e86" name="ab862e86" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="a6fe3071" name="a6fe3071" src="http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> | ||
https://odessa.kurorts.com/tpl/scripts/jquery-1.4.2.min.js | 200 OK Content-Length: 72328 Content-Type: application/javascript | clean |
http://kurorts.com/tpl/scripts/jquery.validationEngine-ru.js | 200 OK Content-Length: 2800 Content-Type: application/javascript | clean |
http://kurorts.com/tpl/scripts/jquery.validationEngine.js | 200 OK Content-Length: 26724 Content-Type: application/javascript | clean |
http://kurorts.com/tpl/scripts/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 15669 Content-Type: application/javascript | clean |
http://kurorts.com/js/flowplayer-3.1.4.min.js | 200 OK Content-Length: 15960 Content-Type: application/javascript | clean |
https://odessa.kurorts.com/tpl/scripts/base.js | 200 OK Content-Length: 7650 Content-Type: application/javascript | clean |
http://ulogin.ru/js/ulogin.js | 200 OK Content-Length: 46618 Content-Type: application/x-javascript | clean |
http://informer.gismeteo.ru/flash/fcode.js | 200 OK Content-Length: 637 Content-Type: application/x-javascript | clean |
http://userapi.com/js/api/openapi.js?49 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://zatoka.kurorts.com//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 40290 Content-Type: text/html | malicious |
Page code contains blacklisted domain: zatoka-ua.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>СÑÑаниÑа не найдена. 404 оÑибка</title> <meta name="keywords" content="СÑÑаниÑа не найден ...[4125 bytes skipped]... Malicious iFrame found. size: 728x90 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="ace9e09a" name="ace9e09a" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="90" scrolling="no" width="728"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id='ae9eefe2' name='ae9eefe2' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id="ab862e86" name="ab862e86" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="a6fe3071" name="a6fe3071" src="http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> Malicious iFrame found. size: 468x60 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a4aeeeef' name='a4aeeeef' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here' frameborder='0' scrolling='no' width='468' height='60'> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a04b6a79' name='a04b6a79' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> | ||
http://userapi.com/js/api/openapi.js?45 | 200 OK Content-Length: 64013 Content-Type: application/x-javascript | clean |
http://zatoka.kurorts.com/category/hotels-premium-odessa | 200 OK Content-Length: 44572 Content-Type: text/html | malicious |
Page code contains blacklisted domain: zatoka-ua.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>ÐÑÑÑие гоÑÑинниÑÑ Ð¾Ð´ÐµÑÑÑ, гоÑÑиниÑÑ ÐºÐ»Ð°ÑÑа лÑкÑ, пÑемиÑм оÑели в ÐдеÑÑе </ti ...[4085 bytes skipped]... Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id="ab862e86" name="ab862e86" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=28&cb=insert_random_number_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="a6fe3071" name="a6fe3071" src="http://maximalist.com.ua/openx/www/delivery/afr.php?resize=1&zoneid=27&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="255" scrolling="no" width="179"> Malicious iFrame found. size: 728x90 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id="ace9e09a" name="ace9e09a" src="http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=39&cb=insert_random_number_here&ct0=insert_clickurl_here" allowtransparency="true" frameborder="0" height="90" scrolling="no" width="728"> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here This URL is marked by Yandex as suspicious <iframe id='ae9eefe2' name='ae9eefe2' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=29&cb=insert_random_number_here&ct0=insert_clickurl_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> Malicious iFrame found. size: 179x255 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a04b6a79' name='a04b6a79' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=58&cb=insert_random_number_here' frameborder='0' scrolling='no' width='179' height='255' allowtransparency='true'> Malicious iFrame found. size: 468x60 src: http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here This URL is marked by Yandex as suspicious <iframe id='a4aeeeef' name='a4aeeeef' src='http://maximalist.com.ua/openx/www/delivery/afr.php?zoneid=44&cb=insert_random_number_here' frameborder='0' scrolling='no' width='468' height='60'> | ||
http://api-maps.yandex.ru/1.1/index.xml?key=AAPdKU4BAAAAvPt_XgIA_7WCwtx-YAav-YVlfVsj6TOXUaQAAAAAAAAAAAAS7nDsiTPa9pAtiqhwCEnwE5EF5w== | 200 OK Content-Length: 5375 Content-Type: text/javascript | clean |
http://maps.google.com/maps/api/js?sensor=false | 200 OK Content-Length: 5022 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zatoka.kurorts.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 28 Jul 2014 01:36:27 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7bd4cdb9fa4f02c9c64ab3852006433c; expires=Wed, 27-Aug-2014 01:36:27 GMT; path=/; domain=.kurorts.com
Set-Cookie: portal=odessa; expires=Tue, 28-Jul-2015 09:56:27 GMT; path=/; domain=.kurorts.com
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: zatoka.kurorts.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 28 Jul 2014 01:36:27 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7bd4cdb9fa4f02c9c64ab3852006433c; expires=Wed, 27-Aug-2014 01:36:27 GMT; path=/; domain=.kurorts.com
Set-Cookie: portal=odessa; expires=Tue, 28-Jul-2015 09:56:27 GMT; path=/; domain=.kurorts.com
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: zatoka.kurorts.com
Referer: http://www.google.com/search?q=zatoka.kurorts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zatoka.kurorts.com
Referer: http://www.google.com/search?q=zatoka.kurorts.com
Result:
The result is similar to the first query. There are no suspicious redirects found.