Scanned pages/files
Request | Server response | Status |
http://sexyt.ru/ | 200 OK Content-Length: 5776 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 2polovinki.biz ...[482 bytes skipped]... çíàêîìñòâ, ñåêñ çíàêîìñòâà îíëàéí, çíàêîìñòâà, ñàéò çíàêîìñòâ, çíàêîìñòâà îíëàéí,"> <meta http-equiv="Content-language" content="ru"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta name="classification" content="Ðàçâëå÷åíèÿ"> <meta name='yandex-verification' content='4c30e791fb37b141' /> </head> <body bgcolor="#000000"> <script src="http://2polovinki.biz/wap-location/?_path=/dating-m/&subid=33441&mf=1&bee=0&mts=0&noya=1"></script> <script src="http://poisk-partnera.eu/wap-location/?_path=/dating-mobile/&subid=33440&mf=0&bee=1&mts=1&noya=1"></script> <table style="width: 995px; border: medium none; background-color: rgb(0, 0, 0); border-collapse: collapse;" align="center" width=""><tbody><tr><td style="letter-spacing: 0pt; word-spacing ...[3323 bytes skipped]... | ||
http://2polovinki.biz/wap-location/?_path=/dating-m/&subid=33441&mf=1&bee=0&mts=0&noya=1 | 200 OK Content-Length: 19 Content-Type: application/x-javascript | clean |
http://poisk-partnera.eu/wap-location/?_path=/dating-mobile/&subid=33440&mf=0&bee=1&mts=1&noya=1 | 200 OK Content-Length: 19 Content-Type: application/x-javascript | clean |
http://sexyt.ru/test404page.js | 404 Not Found Content-Length: 3666 Content-Type: text/html | clean |
http://sexyt.ru/modernizr.js | 404 Not Found Content-Length: 3666 Content-Type: text/html | clean |
http://sexyt.ru/script.js | 404 Not Found Content-Length: 3666 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sexyt.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 Mar 2015 10:57:10 GMT
ETag: W/"54f63c83-15ff"
Server: nginx
Content-Type: text/html
Last-Modified: Tue, 03 Mar 2015 22:58:11 GMT
Set-Cookie: uid_zxcv=258cc01954f8368659702d2c03051602; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: sexyt.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 05 Mar 2015 10:57:10 GMT
ETag: W/"54f63c83-15ff"
Server: nginx
Content-Type: text/html
Last-Modified: Tue, 03 Mar 2015 22:58:11 GMT
Set-Cookie: uid_zxcv=258cc01954f8368659702d2c03051602; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: sexyt.ru
Referer: http://www.google.com/search?q=sexyt.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sexyt.ru
Referer: http://www.google.com/search?q=sexyt.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sexyt.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sexyt.ru/
Result: sexyt.ru is not infected or malware details are not published yet.
Result: sexyt.ru is not infected or malware details are not published yet.