Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=zaycu.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://zaycu.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://zaycu.ru/ | 200 OK Content-Length: 6916 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: forum.zaycu.ru ...[1377 bytes skipped]... />--> </div> <div class="t"><img src='/img/morkovka.gif' class="ico" alt="mork" /> ÐÐµÐ½Ñ WAP.ZAYCU.RU<br /> </div> <div class="main"><img src='http://zaycu.ru/img/default.gif' class="ic" alt="" /><a href="http://zaycu.ru/news/"> ÐовоÑÑи</a> <b>(30.09.2014)</b><br /><img src='http://zaycu.ru/img/default.gif' class="ic" alt="" /><a href="http://forum.zaycu.ru"> ФоÑÑм</a> <b>(on: 0)</b><br /> <img src='http://zaycu.ru/img/default.gif' class="ic" alt="" /><a href="http://tabor.ru/?39"> ÐнакомÑÑва</a> <b>(on: 15000)</b><br /> <img src="/img/default.gif" class="ic" alt="" /><a href="http://vmmo.ru/reference/go?pref_id=1000323"> NEW! Ðнлайн-игÑа ÐоÑенÑÑ</a><br /><img src='http://zaycu.ru/img/default.gif' class="ic" alt="" ...[2522 bytes skipped]... | ||
http://mpay69tds.biz/embed_code/62/fobar | 200 OK Content-Length: 9397 Content-Type: text/javascript | clean |
http://c.waptut.ru/6029/main.js | 200 OK Content-Length: 1120 Content-Type: application/javascript | clean |
http://zaycu.ru/stat/go.php?id=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 02 Oct 2014 12:11:34 GMT Location: http://zaycu.ru Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://zaycu.ru/test404page.js | 404 Not Found Content-Length: 286 Content-Type: text/html | clean |
http://zaycu.ru/news/ | 200 OK Content-Length: 6810 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: films.zaycu.ru ...[538 bytes skipped]... "stylesheet" href="/css/style.css" type="text/css" /> </head> <body> <div class="logo"><img src='/img/news.gif' alt="" /></div> <div class="ab"> Ðа зайÑÐ°Ñ Ð½Ð¾Ð²Ð¾ÑÑи ÑиÑай,пеÑвее вÑÐµÑ Ð²ÑÑ Ñзнавай! </div> <div class="rek"> <a href="http://zaycu.ru/support/">Ðак мне задаÑÑ Ð²Ð¾Ð¿ÑÐ¾Ñ Ð·Ð°Ð¹ÑÑ?</a><br/> <a href="http://films.zaycu.ru/file/1657/">Ðлан побега - ФилÑм Ñ Ð»ÐµÐ³ÐµÐ½Ð´Ð°ÑнÑми акÑеÑами!</a><br/> <a href='http://forum.zaycu.ru/'>ÐбÑÑдиÑÑ Ð½Ð¾Ð²Ð¾ÑÑÑ Ð½Ð° ФоÑÑме</a><br /> </div> <div class="t"><img src='/img/morkovka.gif' class="ico" alt="" /> ÐÐÐЦЫ - ÐÐÐÐСТÐ<br /> </div> <div class="main"> <img src='/img/default.gif' class="ic" alt="" /> <b>+ХоÑоÑÐ°Ñ Ð¾Ð±Ð½Ð¾ ...[3441 bytes skipped]... | ||
http://c.waptut.ru/6029/small.js | 200 OK Content-Length: 1121 Content-Type: application/javascript | clean |
http://zaycu.ru/support/ | 200 OK Content-Length: 3896 Content-Type: text/html | clean |
http://zaycu.ru/stat/go.php?id=3 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 02 Oct 2014 12:11:34 GMT Location: http://zaycu.ru Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://zaycu.ru/stat/go.php?id=29 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 02 Oct 2014 12:11:34 GMT Location: http://zaycu.ru Server: Apache/2.2.15 (CentOS) Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Powered-By: PHP/5.3.3 | clean |
http://zaycu.ru/support/4/ | 200 OK Content-Length: 5208 Content-Type: text/html | clean |
http://zaycu.ru/support/4/?p=2 | 200 OK Content-Length: 5533 Content-Type: text/html | clean |
http://zaycu.ru/support/4/?p=1 | 200 OK Content-Length: 5211 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: symbian.zaycu.ru ...[800 bytes skipped]... адавай, и оÑвеÑÑ Ð¿Ð¾Ð»ÑÑай! </div> <div class="rek"> <a href='http://zaycu.ru/stat/go.php?id=3'>ЮнÑе ЦелоÑки! ХалÑва ÑÑÑ!</a><br/> <a href='http://zaycu.ru/stat/go.php?id=29'>ÐÐÐ ÐÐ 2011! ÐеСпÐаТнÐ!+</a><br/> <a href="http://ero.zaycu.ru/1068/">ÐомаÑнее ÐоÑно - ÐапÑеÑеннÐ!</a><br/> <a href="http://symbian.zaycu.ru/">Ðде обновиÑÑ Ñвой ÑмаÑÑ? ТУТ!</a><br/> </div> <div class="t"><img src='/img/morkovka.gif' class="ico" alt="" /> zaycu.ru/support/ - ÐоддеÑжка<br /> </div> <div class="main"> <b>ÐеобÑÑнÑе вопÑоÑÑ</b><br/><br/> <img src='/img/zakazik.gif' class="ic" alt="" /> <b>ÐоÑÑÑ (tis)</b><br/> <b>[17.09.2014 03:57]</b><br/> ...[3093 bytes skipped]... | ||
http://zaycu.ru/support/4/?p=3 | 200 OK Content-Length: 5498 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: themes.zaycu.ru ...[685 bytes skipped]... go"><img src='/img/support.gif' alt="" /></div> <div class="ab"> Ð "Ðоб" вопÑоÑÑ Ð·Ð°Ð´Ð°Ð²Ð°Ð¹, и оÑвеÑÑ Ð¿Ð¾Ð»ÑÑай! </div> <div class="rek"> <a href='http://zaycu.ru/stat/go.php?id=3'>ЮнÑе ЦелоÑки! ХалÑва ÑÑÑ!</a><br/> <a href='http://zaycu.ru/stat/go.php?id=29'>ÐÐÐ ÐÐ 2011! ÐеСпÐаТнÐ!+</a><br/> <a href="http://themes.zaycu.ru/">Ð¢ÐµÐ¼Ñ Ð´Ð»Ñ Nokia S40 и не ÑолÑко!</a><br/> <a href="http://films.zaycu.ru/file/861/">ÐгÑаеÑÑ Ð² СмÑÑÑиков? СкаÑай ФилÑм!</a><br/> </div> <div class="t"><img src='/img/morkovka.gif' class="ico" alt="" /> zaycu.ru/support/ - ÐоддеÑжка<br /> </div> <div class="main"> <b>ÐеобÑÑнÑе вопÑоÑÑ</b><br/><br/> <img src='/img/zakaz ...[3203 bytes skipped]... | ||
http://zaycu.ru/support/4/?p=4 | 200 OK Content-Length: 5151 Content-Type: text/html | clean |
http://zaycu.ru/support/4/?p=5 | 200 OK Content-Length: 5860 Content-Type: text/html | clean |
http://zaycu.ru/support/4/?p=6 | 200 OK Content-Length: 5689 Content-Type: text/html | clean |
http://zaycu.ru/support/4/?p=7 | 200 OK Content-Length: 5185 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: films.zaycu.ru ...[777 bytes skipped]... об" вопÑоÑÑ Ð·Ð°Ð´Ð°Ð²Ð°Ð¹, и оÑвеÑÑ Ð¿Ð¾Ð»ÑÑай! </div> <div class="rek"> <a href='http://zaycu.ru/stat/go.php?id=3'>ЮнÑе ЦелоÑки! ХалÑва ÑÑÑ!</a><br/> <a href='http://zaycu.ru/stat/go.php?id=29'>ÐÐÐ ÐÐ 2011! ÐеСпÐаТнÐ!+</a><br/> <a href="http://play.zaycu.ru/track/4-under">Alex Hepburn - Under</a><br/> <a href="http://films.zaycu.ru/35/">ÐÑеÑеÑÑвеннÑе ÐонÑеÑÑÑ</a><br/> </div> <div class="t"><img src='/img/morkovka.gif' class="ico" alt="" /> zaycu.ru/support/ - ÐоддеÑжка<br /> </div> <div class="main"> <b>ÐеобÑÑнÑе вопÑоÑÑ</b><br/><br/> <img src='/img/zakazik.gif' class="ic" alt="" /> <b>ÐоÑÑÑ (ÑолÑ)</b><br/> <b>[08.05.2014 18:07]</b><br/> Ð ...[3131 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: zaycu.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 02 Oct 2014 12:11:33 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Powered-By: PHP/5.3.3
GET / HTTP/1.1
Host: zaycu.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 02 Oct 2014 12:11:33 GMT
Pragma: no-cache
Server: Apache/2.2.15 (CentOS)
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: zaycu.ru
Referer: http://www.google.com/search?q=zaycu.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: zaycu.ru
Referer: http://www.google.com/search?q=zaycu.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.