Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xxxrus.net
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://xxxrus.net/ | 200 OK Content-Length: 22449 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1612 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/Âàì íåîáõîäèìî íàéòè, ÷òî- ëèáî êîíêðåòíîå âîñïîëüçóéòåñü ïîèñêîì ïî ñàéòó. Íà íàøåì ñàéòå åñòü ðàçäåë <a href="http://xxxrus.net/russkoe_porno/"> <strong>Ðóññêàÿ ïîðíóõà</strong> </a>ãäå âû íàéäåò âèäåî ñ ðóññêèìè àêòðèñàìè è àêòåðàìè. Äëÿ ëþáèòåë ...[2148 bytes skipped]... | ||
http://xxxrus.net/engine/classes/min/index.php?charset=windows-1251&g=general&10 | 200 OK Content-Length: 183476 Content-Type: application/x-javascript | clean |
http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5 | 200 OK Content-Length: 7958 Content-Type: text/javascript | clean |
http://morenews4.net/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://xxxrus.net/porno_foto/ | 200 OK Content-Length: 15198 Content-Type: text/html | clean |
http://xxxrus.net/teens/ | 200 OK Content-Length: 20809 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1505 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_groupt type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </fo ...[2313 bytes skipped]... | ||
http://xxxrus.net/anal/ | 200 OK Content-Length: 20930 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1562 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dlt type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers e ...[2248 bytes skipped]... | ||
http://xxxrus.net/porno_filmy/ | 200 OK Content-Length: 21744 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1542 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; vt type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> ...[2272 bytes skipped]... | ||
http://xxxrus.net/minet/ | 200 OK Content-Length: 20969 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1654 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäît type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> <!-- Voting results start --> & ...[2133 bytes skipped]... | ||
http://xxxrus.net/domashnee_porno/ | 200 OK Content-Length: 21267 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1682 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:nonet type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> <!-- Voting results start --> <form method="post" name="vot ...[2102 bytes skipped]... | ||
http://xxxrus.net/masturb/ | 200 OK Content-Length: 20878 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1552 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin t type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting ...[2258 bytes skipped]... | ||
http://xxxrus.net/lesbians/ | 200 OK Content-Length: 19470 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1665 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàët type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> <!-- Voting results start --> <form met ...[2122 bytes skipped]... | ||
http://xxxrus.net/russkoe_porno/ | 200 OK Content-Length: 20067 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1586 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_t type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> ...[2220 bytes skipped]... | ||
http://xxxrus.net/inter/ | 200 OK Content-Length: 18290 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1670 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. t type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> <!-- Voting results start --> <form method=" ...[2117 bytes skipped]... | ||
http://xxxrus.net/group/ | 200 OK Content-Length: 21392 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: tnyzin.ru ...[1664 bytes skipped]... unction() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> <script language='javascript' charset='UTF-8' type='text/javascript' src='http://tnyzin.ru/660j4tatq8n7s7v0dddqfo13skikuus5'></script> </head> <body> <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëót type="submit" onclick="doVote('vote'); return false;" class="l_button" value="Ãîëîñîâàòü" /> </form> <!-- Voting answers end --> <!-- Voting results start --> <form me ...[2123 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xxxrus.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 23 Aug 2014 11:36:01 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=CP1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=s8u11pe0065o556ugdtputfuf5; path=/; domain=.xxxrus.net; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: xxxrus.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 23 Aug 2014 11:36:01 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=CP1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=s8u11pe0065o556ugdtputfuf5; path=/; domain=.xxxrus.net; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
Set-Cookie: dle_password=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
Set-Cookie: dle_hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.xxxrus.net; httponly
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: xxxrus.net
Referer: http://www.google.com/search?q=xxxrus.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xxxrus.net
Referer: http://www.google.com/search?q=xxxrus.net
Result:
The result is similar to the first query. There are no suspicious redirects found.