Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=uxtop.ru
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://uxtop.ru/ | 200 OK Content-Length: 5532 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 301java.net ...[1669 bytes skipped]... gt;</a><br><a href="http://m.uxsex.ru"><font color="red">â¥â¥ СÐÐС ÐÐÐССÐÐÐÐ â¥â¥</font></a><br></div><div class="topik">Top 100 | <b><a href="/str/cat.php">ÐаÑегоÑии</a></b></div><div class="ico"><div class="topni"><b><font color="red">1.</font> <a href="/out.php?id=548"><span class="site">301java.net</b></span></a> <small><b>(1069/2553</b><b>)</b></small> <img src="/images/d.gif" alt="*"><div class="info">Yuklamalar</div></div><div class="str">УÑло на ÑайÑ: <b>5</b><br/></div></div></div><div class="ico"><div class="topni"><b><font color="red">2.</font> <a href="/out.php?id=817"><spz">СÑÑ: <span ...[2518 bytes skipped]... Hidden iFrame found. style: hidden src: http://shamol.biz/down <iframe src="http://shamol.biz/down" style="display:none;"> Hidden iFrame found. style: hidden src: http://uxsex.ru <iframe src="http://uxsex.ru" style="display:none;"> | ||
http://www.adtraff.ru/block3.js | 200 OK Content-Length: 1584 Content-Type: application/x-javascript | clean |
http://nclick.su/tlnk/31434/1/1 | 200 OK Content-Length: 1063 Content-Type: text/html | clean |
http://nclick.su/tout.php?ids=31434&n=280511 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:35 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1170 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=upjktk8eb76usnq05u437829o4; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/tout2.php?ids=31434&kod1=1693947&ses=upjktk8eb76usnq05u437829o4&n=280511 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:35 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=8e243snfg8pfp6vqoujbmq74u7; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://mox.su/ | 200 OK Content-Length: 8129 Content-Type: text/html | clean |
http://v.visitweb.com/v/84558 | 200 OK Content-Length: 6144 Content-Type: text/javascript | clean |
http://nclick.ru/tlnk/4443/1/1 | 200 OK Content-Length: 1138 Content-Type: text/html | clean |
http://nclick.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 08 Jan 2015 18:07:36 GMT Location: http://nclick.ru/index.php Server: nginx/1.4.3 Content-Length: 285 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nclick.ru/index.php | 200 OK Content-Length: 7092 Content-Type: text/html | clean |
http://nclick.su/jl2/11384/1/1 | 500 Internal Server Error Content-Length: 0 Content-Type: text/html | clean |
http://nclick.su/test404page.js | HTTP/1.1 302 Found Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Location: http://nclick.ru/index.php Server: nginx/1.4.3 Content-Length: 285 Content-Type: text/html; charset=iso-8859-1 | clean |
http://nclick.su/bn/31434/2/1 | 200 OK Content-Length: 372 Content-Type: text/html | clean |
http://nclick.su/bnout.php?ids=31434&n=3417564 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1400 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=krss5deh2dgk7m10l3u8i1k406; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/bnout2.php?ids=31434&kod1=6341256&ses=krss5deh2dgk7m10l3u8i1k406&n=3417564 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=39diqj4qrohjp186slf3g7m8v0; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/bnout.php?ids=31434&n=3417565 | HTTP/1.1 200 OK Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Pragma: no-cache Server: nginx/1.4.3 Vary: Accept-Encoding Content-Length: 1400 Content-Type: text/html; charset=utf-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=dn0nlfq3q08sjsn0efpqg27895; path=/ X-Powered-By: PHP/5.3.3 | clean |
http://nclick.su/bnout2.php?ids=31434&kod1=7399460&ses=dn0nlfq3q08sjsn0efpqg27895&n=3417565 | HTTP/1.1 302 Found Cache-Control: no-cache Connection: close Date: Thu, 08 Jan 2015 18:07:37 GMT Pragma: no-cache Location: http://mox.su Server: nginx/1.4.3 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Set-Cookie: ses=mguug8d54n56p0g2vfhnpp36m2; path=/ X-Powered-By: PHP/5.3.3 | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: uxtop.ru
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Connection: close
Date: Thu, 08 Jan 2015 17:06:10 GMT
Server: nginx
Content-Length: 5532
Content-Type: text/html; charset=UTF-8
Expires: Fri, 09 Jan 2015 17:06:10 GMT
X-Powered-By: PHP/5.4.13
...5532 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: uxtop.ru
Referer: http://www.google.com/search?q=uxtop.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.