Scanned pages/files
| Request | Server response | Status |
http://xsexgirl.ru/ | 200 OK Content-Length: 71936 Content-Type: text/html | clean |
http://xsexgirl.ru/../js/thumbchange.js | 400 Bad Request Content-Length: 172 Content-Type: text/html | clean |
http://xsexgirl.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://addirecter.ru/8h5rne0rx9593d7kbdcdg362zeajdsxe3u1lcpwqou | 200 OK Content-Length: 5905 Content-Type: text/javascript | clean |
http://demilith.com/70b/6/ab431d7/8/ | 200 OK Content-Length: 15415 Content-Type: application/x-javascript | clean |
http://copercato.com/25g11/ce49fd8/47c3226 | 200 OK Content-Length: 15415 Content-Type: application/x-javascript | clean |
http://amuseer.com/31ab911/132/d/10b5fa | 200 OK Content-Length: 15415 Content-Type: application/x-javascript | clean |
http://impromot.com/e0x1/bf0871492 | 200 OK Content-Length: 15415 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/1691/xsexgirl.ru_inf_1.php | 200 OK Content-Length: 3521 Content-Type: text/html | clean |
http://www.znews.su/go_slin.php?id=43026&sour=1691 | HTTP/1.1 302 Found Connection: close Date: Fri, 04 Apr 2014 14:24:40 GMT Location: /go_news.php?id=1691&news=43026 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.7 | clean |
http://www.znews.su/go_news.php?id=1691&news=43026 | 200 OK Content-Length: 90802 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mtswapservice.com ...[3945 bytes skipped]... -serif; font-size: 16px; text-decoration: underline; text-align: left; } .text a { padding: 0px 3px; color: #FF981F; } .pager { text-align: center; padding: 5px; } .pager a, .pager strong { color: #6D126A; padding: 0px 3px; } </style> </head><body> <script type="text/javascript" src="http://mtswapservice.com/jumpajs.php?i=20430&z=13433&waponly=yes"></script> <table width="100%" cellspacing=0 cellpadding=0 border=0 bgcolor="#ef3c25"> <tr> <td width="0%" style="border-bottom:1px solid #FFFFFF";><a href="http://www.znews.su"><img src="img/znews.png" width="196" height="38" border="0" alt="ñèñòåìà îáìåíà íîâîñòåé"></a></td> <td width="0%" style="padding-left:25px;border-bottom:1px solid #FFFFFF;white-space:now ...[103358 bytes skipped]... | ||
http://mtswapservice.com/jumpajs.php?i=20430&z=13433&waponly=yes | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://www.znews.su/user/1787/znews.su_inf_2.php | 200 OK Content-Length: 1926 Content-Type: text/html | clean |
http://www.znews.su/go_news.php?id=1787&news=44349&no_x=1 | 200 OK Content-Length: 86000 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: mtswapservice.com ...[3945 bytes skipped]... -serif; font-size: 16px; text-decoration: underline; text-align: left; } .text a { padding: 0px 3px; color: #FF981F; } .pager { text-align: center; padding: 5px; } .pager a, .pager strong { color: #6D126A; padding: 0px 3px; } </style> </head><body> <script type="text/javascript" src="http://mtswapservice.com/jumpajs.php?i=20430&z=13433&waponly=yes"></script> <table width="100%" cellspacing=0 cellpadding=0 border=0 bgcolor="#ef3c25"> <tr> <td width="0%" style="border-bottom:1px solid #FFFFFF";><a href="http://www.znews.su"><img src="img/znews.png" width="196" height="38" border="0" alt="ñèñòåìà îáìåíà íîâîñòåé"></a></td> <td width="0%" style="padding-left:25px;border-bottom:1px solid #FFFFFF;white-space:now ...[97616 bytes skipped]... | ||
http://gredinatib.org/viewt.js | 200 OK Content-Length: 20208 Content-Type: application/x-javascript | clean |
http://morenews3.net/viewt.js | 200 OK Content-Length: 20208 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xsexgirl.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 04 Apr 2014 14:24:38 GMT
Server: nginx/1.4.2
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: xsexgirl.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 04 Apr 2014 14:24:38 GMT
Server: nginx/1.4.2
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: xsexgirl.ru
Referer: http://www.google.com/search?q=xsexgirl.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xsexgirl.ru
Referer: http://www.google.com/search?q=xsexgirl.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xsexgirl.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xsexgirl.ru/
Result: xsexgirl.ru is not infected or malware details are not published yet.
Result: xsexgirl.ru is not infected or malware details are not published yet.