New scan:

Malware Scanner report for qip.ru

Malicious/Suspicious/Total urls checked
0/9/15
9 pages have suspicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://qip.ru/
200 OK
Content-Length: 83054
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

http://qip.ru/js/s_index.js?556
200 OK
Content-Length: 46110
Content-Type: application/x-javascript
clean
http://qip.ru/js/criteo.js?556
200 OK
Content-Length: 1108
Content-Type: application/x-javascript
clean
http://qip.ru//api.qip.ru/js/head.js?584/
404 Not Found
Content-Length: 83280
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

http://qip.ru//pagead2.googlesyndication.com/pagead/show_ads.js/
404 Not Found
Content-Length: 83561
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

http://qip.ru//qip.ru/homepage/
404 Not Found
Content-Length: 84116
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

https://qip.ru/reg/recover
200 OK
Content-Length: 17522
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

https://api.qip.ru/js/main.js?584
200 OK
Content-Length: 13764
Content-Type: application/x-javascript
clean
https://api.qip.ru/js/JsHttpRequest.js
200 OK
Content-Length: 13895
Content-Type: application/x-javascript
clean
https://qip.ru//mail.qip.ru/
404 Not Found
Content-Length: 83707
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

https://qip.ru/js/s_index.js?556
200 OK
Content-Length: 46110
Content-Type: application/x-javascript
clean
https://qip.ru/js/criteo.js?556
200 OK
Content-Length: 1108
Content-Type: application/x-javascript
clean
https://qip.ru//api.qip.ru/js/head.js?584/
404 Not Found
Content-Length: 84153
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

https://qip.ru//pagead2.googlesyndication.com/pagead/show_ads.js/
404 Not Found
Content-Length: 84252
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>

https://qip.ru//qip.ru/homepage/
404 Not Found
Content-Length: 86150
Content-Type: text/html
suspicious
Suspicious code found

<div class="qip_footer qf_stretch">
<div class="qf_left"><script>
function forLinkToNewVersion(_link) {
_gaq.push(['_trackEvent', 'Новый дизайн', 'Клик', 'Подвал']);
setTimeout(function() {document.location.href = _link.href;}, 100);
return false;
}
</script>
<a id="q_footer_pda" href="//qip.ru/?newversion" rel="nofollow" onclick='return forLinkToNewVersion(this);'>Новый дизайн</a></
... 4215 bytes are skipped ...
eta.ua', 'q'], ['_addOrganic', 'bigmir.net', 'z'], ['_setCampContentKey', 'from'], ['_setCampContentKey', 'ref'], ['_trackPageview']];
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.defer = true; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: qip.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate
Connection: close
Date: Mon, 27 Apr 2015 18:39:06 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Wed, 14 May 2000 00:00:00 GMT
Set-Cookie: sqip_weather_code=RU_45_45_2; expires=Sun, 17-Jan-2016 18:39:06 GMT; path=/; domain=qip.ru
Set-Cookie: startqip_uniq=11fa2899c139a3785773f65ac92f2d35; expires=Wed, 27-May-2015 18:39:06 GMT; path=/; domain=qip.ru
Second query (visit from search engine):
GET / HTTP/1.1
Host: qip.ru
Referer: http://www.google.com/search?q=qip.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=qip.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://qip.ru/

Result: qip.ru is not infected or malware details are not published yet.