Sucuri and Quttera disagree on detection, VW archives detects as with unknown html.
Suspicious: http://killmalware.com/quybehlo.nm.ru/
4 malicious files with detected reference to malicious blacklisted domain -smotri.com
→ https://www.mywot.com/en/scorecard/nm.ru?utm_source=addon&utm_content=popup
-qip.ru/advertise blocked by HTTP Switchboard.
List of referenced blacklisted domains/hosts: 3
-smotri.com
-quote.rbc.ru
-qip.ru
I.m.o. a PHISH of sorts.

polonus

I thought I would also do a tracker tracker on this one with the blacklisted domains there included.
Google Adsense installed: ca-pub-4624801353304023 Advertiser Features Enabled.
Netcraft does not give trackers: http://toolbar.netcraft.com/site_report/?url=https%3A%2F%2Fqip.ru%2Freg%2Frecover
but I see from external links ads, tracking, analytics, widgets etc.
This tracker tracker report txt is for research purposes only, do not try to open up all uri’s given there inside a browser as the security of the sites might not be quaranteed - some of these links were immedeately blocked by my HTTPS Switchboard extension. The tracker tracker results are based on Ghostery code. and is being used to make part of the Cloud tracking visible (and also can be used for security related queries and analysis).

polonus (volunteer website security analyst and website error-hunter)

An SSL check found the following pages with unsecure content:
Pages with unsecure content:
-https://qip.ru/reg/recover ?
-https://qip.ru/ ?
-https://qip.ru/services ?
-https://qip.ru/advertise ?
-https://qip.ru/rules ?
-https://qip.ru/?newversion ?
-https://qip.ru/reg/register?retpath=https%3A%2F%2Fqip.ru%2F ?
-https://qip.ru/mnt/pages/register?retpath=http%3A%2F%2Fqip.ru%2F&utm_source=mainqip&utm_medium=referral&utm_term=title&utm_campaign=main_new_register ?
-https://qip.ru/download_qip_2012 ?
-https://qip.ru/reg/logout?retpath=https%3A%2F%2Fqip.ru%2F ?
-https://qip.ru/advertise/requirements ?
-https://qip.ru/mnt/pages/register?retpath=http:%2F%2Fqip.ru%2F&utm_source=mainqip&utm_medium=referral&utm_term=title&utm_campaign=main_new_register ?

Pages failed to crawl (error returned from the server):
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fservices
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fservices
-https://qip.ru/reg/register
-https://qip.ru/reg/register
-https://qip.ru/reg/logout?retpath=http%3A%2F%2Fqip.ru%2Fadvertise
-https://qip.ru/reg/logout?retpath=http%3A%2F%2Fqip.ru%2Fadvertise
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fadvertise
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fadvertise
-https://qip.ru/reg/logout?retpath=http%3A%2F%2Fqip.ru%2Fpage%2Frules
-https://qip.ru/reg/logout?retpath=http%3A%2F%2Fqip.ru%2Fpage%2Frules
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fpage%2Frules
-https://qip.ru/reg/register?retpath=http%3A%2F%2Fqip.ru%2Fpage%2Frules
-http://qip.ru/reg/register
-http://qip.ru/reg/register

See tracker tracker report on just these above uri’s.
Scanned here OK: https://www.metascan-online.com/en/scanresult/file/019e00ad91ce4b509040e150758eb416

Interesting in this respect ret path: https://nealpoole.com/blog/category/vulnerability-writeups/
link article author = Neal Poole

XSS is an output problem and not an input problem, which is why something like xss_clean() can never be a reliable approach to solving XSS problems (and xss_clean() itself is a laughably terrible implementation even by the low, low standards of anti-XSS tools).

polonus