Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1stube.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://1stube.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.1stube.com/ | 200 OK Content-Length: 202099 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.parentaltube.com <div class="title_bl">Recommended Free Sex Movies Sites:</div>
</td> </tr> <tr> <td height="50" colspan="2" align="center"> <table border=0 cellpadding=0 cellspacing=0 class="top topc"> <tr><td align="center" valign="top" width="245"> <table border=0><tr><td align=left> <span><img src="http://1stube.com/t240x180/images/hat_ar.gif" ...[4658 bytes skipped]... Malicious iFrame found. size: 926x270 src: http://1stube.com/adw.shtml This URL is marked by Yandex as suspicious <iframe src="http://1stube.com/adw.shtml" marginheight="0" marginwidth="0" allowtransparency="true" scrolling="no" frameborder="0" style="background-color:transparent" scrolling="no" frameborder="0" width="926" height="270"> Malicious iFrame found. size: 740x100 src: http://1stube.com/adw2.shtml This URL is marked by Yandex as suspicious <iframe src="http://1stube.com/adw2.shtml" marginheight="0" marginwidth="0" allowtransparency="true" scrolling="no" frameborder="0" style="background-color:transparent" scrolling="no" frameborder="0" width="740" height="100"> | ||
http://www.1stube.com/jsa/ax1wHeTzcu4m.js | 200 OK Content-Length: 68 Content-Type: application/x-javascript | clean |
http://www.1stube.com/cgi-bin/a2/out.cgi?id=262&u=http://www.nowretro.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:30 GMT Location: http://www.nowretro.com/ Server: nginx/1.6.1 | clean |
http://www.nowretro.com/ | 200 OK Content-Length: 134715 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.xnxxhdsex.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <base target="_blank" /> <title>Now Retro - Top Retro Porn</title> <meta name="description" content="Retro Porn" /> <meta name="keywords" content="retro porn, Retro Amateurs,Retro Anal,Retro ...[4572 bytes skipped]... | ||
http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://www.1stube.com/script.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:33 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://41tube.com/redir.html | 200 OK Content-Length: 344 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: hostednude.com <html> <head> <title>Please wait...</title> <script type="text/javascript"> <!-- window.location = "http://hostednude.com/cgi-bin/at3/out.cgi"; //--> </script> </head> <body bgcolor="#FFFFFF" alink="#0078ff" vlink="#0078ff" link="#0078ff"> Please wait ... or click <a href="http://hostednude.com/cgi-bin/at3/out.cgi">here</a>! </body> </html> | ||
http://41tube.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:33 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://syndication.exoclick.com/splash.php?cat=2&idsite=83749&idzone=150625&login=cumilf&type=3 | 200 OK Content-Length: 5826 Content-Type: application/x-javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://www.1stube.com/cgi-bin/a2/out.cgi?id=397&u=http://www.lilactube.com | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:34 GMT Location: http://www.lilactube.com Server: nginx/1.6.1 | clean |
http://www.lilactube.com/ | 200 OK Content-Length: 218237 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.porntsunami.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<head> <title>Lilac Tube - Huge Free Porn Tube Movies and Big Sex Collection</title> <meta name="description" content="Free Porn Tube Videos and Huge Sex Tube Movies Collection at Lilac Tube"> <meta name="keywords" content="por ...[4496 bytes skipped]... | ||
http://glossytube.com/ubr/ubr.js | 200 OK Content-Length: 3005 Content-Type: application/javascript | clean |
http://www.1stube.com/jsa/m65FTI26ObL7.js | 200 OK Content-Length: 68 Content-Type: application/x-javascript | clean |
http://www.1stube.com/f/teen/?tc=1 | 200 OK Content-Length: 283019 Content-Type: text/html | malicious |
Page code contains blacklisted domain: www.parentaltube.com <div class="title_bl">Recommended Free Sex Movies Sites:</div>
</td> </tr> <tr> <td height="50" colspan="2" align="center"> <table border=0 cellpadding=0 cellspacing=0 class="top topc"> <tr><td align="center" valign="top" width="245"> <table border=0><tr><td align=left> <span><img src="http://1stube.com/t240x180/images/hat_ar.gif" ...[4647 bytes skipped]... Malicious iFrame found. size: 740x100 src: http://1stube.com/adw2.shtml This URL is marked by Yandex as suspicious <iframe src="http://1stube.com/adw2.shtml" marginheight="0" marginwidth="0" allowtransparency="true" scrolling="no" frameborder="0" style="background-color:transparent" scrolling="no" frameborder="0" width="740" height="100"> Malicious iFrame found. size: 926x270 src: http://1stube.com/adw.shtml This URL is marked by Yandex as suspicious <iframe src="http://1stube.com/adw.shtml" marginheight="0" marginwidth="0" allowtransparency="true" scrolling="no" frameborder="0" style="background-color:transparent" scrolling="no" frameborder="0" width="926" height="270"> | ||
http://www.1stube.com/jsa/XJObWs3v0Nsf.js | 200 OK Content-Length: 68 Content-Type: application/x-javascript | clean |
http://www.1stube.com/cgi-bin/a2/out.cgi?id=958&u=http://pornfetishxxx.com | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:37 GMT Location: http://pornfetishxxx.com Server: nginx/1.6.1 | clean |
http://pornfetishxxx.com/ | 200 OK Content-Length: 186105 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: yakmovies.com <h2 class="title_bl">Free Porn Fetish Tube Category List</h2>
<div class="clear"></div> <!--categories start--> <ul class="categories"> <li><a href="" title="Free Porn"></a></li> <li><a href="" title="Free Porn"></a></li> <li><a href="" title="Free Porn"></a></li></ul> ...[5187 bytes skipped]... | ||
http://pornfetishxxx.com/jsa/wy75xRUFYdPp.js | 200 OK Content-Length: 75 Content-Type: application/x-javascript | clean |
http://www.1stube.com/cgi-bin/a2/out.cgi?id=958&u=http:// | HTTP/1.1 302 Moved Temporarily Connection: close Date: Fri, 12 Sep 2014 20:31:40 GMT Location: http:// Server: nginx/1.6.1 | clean |
http:// | 500 No Host option provided Content-Length: 73 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1stube.com
Result:
GET / HTTP/1.1
Host: 1stube.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1stube.com
Referer: http://www.google.com/search?q=1stube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 1stube.com
Referer: http://www.google.com/search?q=1stube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.