Scanned pages/files
Request | Server response | Status |
http://amateurcurves.com/ | 200 OK Content-Length: 120458 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: allrusamateurs.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"> <head> <script type="text/javascript"> var _prset=_prset||[];_prset.push(['domain','amateurcurves.com']); (function(pa,s){if(document.getElementById('pr4fc007d7')){return false;} pa=docu ...[4557 bytes skipped]... |
http://banners.adultfriendfinder.com/go/page/js_shea_banner?plain_text=1&skip_lpo=1&pid=g766795&delay=0 | 200 OK Content-Length: 4872 Content-Type: text/html | clean |
http://banners.adultfriendfinder.com/test404page.js | HTTP/1.1 404 Not Found Connection: Keep-Alive Date: Tue, 16 Sep 2014 02:54:46 GMT Location: http://ads.adultfriendfinder.com/banners/ffadult/AFF_468x60_aa_04h.gif Server: Apache Content-Length: 0 Content-Type: text/plain Keep-Alive: timeout=5, max=125 Set-Cookie: banner_user_id=78.158.11.226-1410836086-73228; path=/; domain=.adultfriendfinder.com; expires=Wed, 17-Sep-2014 02:54:46 GMT Set-Cookie: banner=ffadult_none_p07_banner-8494_cl0; path=/; domain=.adultfriendfinder.com; expires=Wed, 17-Sep-2014 02:54:46 GMT X-ApacheServer: ki10-17.friendfinderinc.com X-PERF: 0.032039,0.019774,DB_2_0.0038880,CD_8_0.0015890,PK_2_0.0001130,CE_3_0.0066750 | clean |
http://ads.adultfriendfinder.com/banners/ffadult/aff_468x60_aa_04h.gif | 404 Not Found Content-Length: 235 Content-Type: text/html | clean |
http://ads.adultfriendfinder.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://amateurcurves.com/rotate.js | 200 OK Content-Length: 4888 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/313270.js | 200 OK Content-Length: 1568 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: amateurcurves.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Sep 2014 02:54:44 GMT
Server: Apache/1.3.41 (Unix) PHP/5.2.8
Content-Type: text/html
Set-Cookie: tm_key=5417a67471afa; expires=Tue, 16-Sep-2014 14:54:44 GMT; path=/
Set-Cookie: tm_visit=1410836084%257C1; expires=Tue, 16-Sep-2014 14:54:44 GMT; path=/
Set-Cookie: tm_refdomain=deleted; expires=Mon, 16-Sep-2013 02:54:43 GMT; path=/
X-Powered-By: PHP/5.2.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: amateurcurves.com
Referer: http://www.google.com/search?q=amateurcurves.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amateurcurves.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://amateurcurves.com/
Result: amateurcurves.com is not infected or malware details are not published yet.