Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bestxxx.info
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bestxxx.info/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bestxxx.info/ | 200 OK Content-Length: 78374 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: amateursex18.com ...[1960 bytes skipped]... el="canonical" href="http://bestxxx.info/" /> <meta property="og:locale" content="en_US" /> <meta property="og:type" content="website" /> <meta property="og:title" content="BestXXX - Free Porn Links" /> <meta property="og:url" content="http://bestxxx.info/" /> <meta gin-right:2px;"></p> <p align="center" style="margin-top:0px; margin-bottom:0px;"> <a href="http://amateursex18.com/amateur-amateursex18/loves-cock-cum-face/" target="_blank"><img src="http://pornxxxlink.com/left.jpg" alt="AMATEUR SEX 18" longdesc="HOT PORN"></a> <p align="right" style="margin-top:0px; margin-bottom:0px; margin-left:2px; margin-right:2px;"><a href="#" onClick="closebar2(); return false"><strong><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Close [X]</font></strong></a></p> </ ...[2042 bytes skipped]... | ||
http://adspaces.ero-advertising.com/adspace/314279.js | 200 OK Content-Length: 0 Content-Type: application/javascript | clean |
http://bestxxx.info/wp-content/themes/adultvideo-01-red/js/jquery.tools.min.js | 200 OK Content-Length: 137839 Content-Type: application/javascript | clean |
http://bestxxx.info/wp-content/themes/adultvideo-01-red/js/init.js | 200 OK Content-Length: 537 Content-Type: application/javascript | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 401 Content-Type: text/javascript | clean |
http://bestxxx.info/ads1.js | 200 OK Content-Length: 2678 Content-Type: application/javascript | clean |
http://bestxxx.info/popunder.js | 200 OK Content-Length: 1902 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ...[1489 bytes skipped]... document.attachEvent( 'onclick', checkTarget ); } else if ( document.addEventListener ) { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://amateursex18.com/hotvideo.html'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://adspaces.ero-advertising.com/adspace/314280.js | 200 OK Content-Length: 1278 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/314281.js | 200 OK Content-Length: 18619 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/316933.js | 200 OK Content-Length: 2432 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/314282.js | 200 OK Content-Length: 1434 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/314283.js | 200 OK Content-Length: 1428 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/314284.js | 200 OK Content-Length: 1433 Content-Type: application/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=140948&ver=1 | 200 OK Content-Length: 2762 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bestxxx.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Oct 2014 04:08:33 GMT
Server: nginx/1.6.2
Vary: Cookie
Content-Type: text/html; charset=UTF-8
X-Pingback: http://bestxxx.info/xmlrpc.php
GET / HTTP/1.1
Host: bestxxx.info
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 06 Oct 2014 04:08:33 GMT
Server: nginx/1.6.2
Vary: Cookie
Content-Type: text/html; charset=UTF-8
X-Pingback: http://bestxxx.info/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: bestxxx.info
Referer: http://www.google.com/search?q=bestxxx.info
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bestxxx.info
Referer: http://www.google.com/search?q=bestxxx.info
Result:
The result is similar to the first query. There are no suspicious redirects found.