Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: morenewwords.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 12:05:17 GMT
Location: http://www.morenewwords.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.morenewwords.com/xmlrpc.php
...0 bytes of data.
GET / HTTP/1.1
Host: morenewwords.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 10 Jan 2015 12:05:17 GMT
Location: http://www.morenewwords.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.morenewwords.com/xmlrpc.php
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: morenewwords.com
Referer: http://www.google.com/search?q=morenewwords.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: morenewwords.com
Referer: http://www.google.com/search?q=morenewwords.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://21centurytube.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:50:25 GMT Location: http://www.21centurytube.com/ Server: nginx/1.6.0 Content-Length: 237 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.21centurytube.com/ | 200 OK Content-Length: 162297 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: 21porno.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title>21 Century Porn Tube!</title> <meta name="keywords" content="porn categories,hard porn,hot porn,porn,porn tube, se ...[4342 bytes skipped]... | ||
http://www.21centurytube.com/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/147333.js | 200 OK Content-Length: 1830 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/147334.js | 200 OK Content-Length: 1828 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/138417.js | 200 OK Content-Length: 3797 Content-Type: application/javascript | clean |
http://21centurytube.com/ftt2/o.php?l=toplist&perm=21porno.com | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:50:29 GMT Location: http://www.21centurytube.com/ftt2/o.php?l=toplist&perm=21porno.com Server: nginx/1.6.0 Content-Length: 278 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.21centurytube.com/ftt2/o.php?l=toplist&perm=21porno.com | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Mon, 15 Sep 2014 11:50:29 GMT Pragma: no-cache Location: http://21porno.com Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html Set-Cookie: ftt2=YTo1OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtzOjE6IjAiO3M6MToicyI7czoyOiJzZSI7czoxOiJ2IjthOjE6e2k6MDtzOjQ6IjU1NzciO31zOjI6ImNjIjtzOjE6IjAiO30%3D; expires=Tue, 16-Sep-2014 11:50:29 GMT; Max-Age=86400; path=/; domain=.21centurytube.com X-Powered-By: PHP/5.5.12 | malicious |
http://21porno.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:50:30 GMT Location: http://www.21porno.com/ Server: nginx/1.6.0 Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.21porno.com/ | 200 OK Content-Length: 140140 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: bigsexporn.com <!DOCTYPE html>
<html lang="en"> <head> <title>21 Porno is a multiniche Porn Tube. 21 Porno proudly presents a huge collection of porn videos and sex movies. Sex Tubes are updated hourly to provide our visitors with the most recent porn in the Internet.</title> <link media="all" rel="stylesheet" type="text/css" href="/css/all.css" /> <link rel="shortcut icon" type="image/x-icon" href=" ...[4492 bytes skipped]... | ||
http://www.21porno.com/js/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/160053.js | 200 OK Content-Length: 1832 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/160054.js | 200 OK Content-Length: 1830 Content-Type: application/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=Shamanboo&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=788831&idsite=202007 | 200 OK Content-Length: 646 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/160051.js | 200 OK Content-Length: 3835 Content-Type: application/javascript | clean |
http://cdn.reporo.net/jsbanner.js | 200 OK Content-Length: 836 Content-Type: application/x-javascript | clean |
http://21centurytube.com/ftt2/o.php?l=toplist&perm=21centurytube.com | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:50:34 GMT Location: http://www.21centurytube.com/ftt2/o.php?l=toplist&perm=21centurytube.com Server: nginx/1.6.0 Content-Length: 284 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.21centurytube.com/ftt2/o.php?l=toplist&perm=21centurytube.com | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Mon, 15 Sep 2014 11:50:34 GMT Pragma: no-cache Location: http://pornzeus.com Server: nginx/1.6.0 Content-Length: 0 Content-Type: text/html Set-Cookie: ftt2=YTo1OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtzOjE6IjAiO3M6MToicyI7czoyOiJzZSI7czoxOiJ2IjthOjI6e2k6MTtpOjU1Nzc7aToyO3M6NDoiNDkwMCI7fXM6MjoiY2MiO3M6MToiMCI7fQ%3D%3D; expires=Tue, 16-Sep-2014 11:50:34 GMT; Max-Age=86400; path=/; domain=.21centurytube.com X-Powered-By: PHP/5.5.12 | malicious |
http://pornzeus.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:50:29 GMT Location: http://www.pornzeus.com/ Server: Apache/2 Content-Length: 296 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.pornzeus.com/ | 200 OK Content-Length: 167147 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.platinum-porn.com ...[3065 bytes skipped]... </table> </div> </div> <center> <table> <tr> <td> <center>pornzeus.com is not in any way responsible for the content of the pages to which it links. We encourage you to if ever find a link in question pertaining to illegal or copyrighted content to contact us and it will be reviewed promptly for removal from this website. <a href="http://www.platinum-porn.com" target="_blank">Platinum</a></center> </td> </tr> </table> </center> <script type="text/javascript"> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analyti ...[833 bytes skipped]... | ||
http://cdn.pornzeus.com/script.js | 200 OK Content-Length: 2417 Content-Type: application/javascript | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=21centurytube.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://21centurytube.com/
Result: 21centurytube.com is not infected or malware details are not published yet.
Result: 21centurytube.com is not infected or malware details are not published yet.