Scanned pages/files
Request | Server response | Status |
http://bokepzterbaru.xtgem.com/ | HTTP/1.1 200 OK Connection: close Date: Thu, 19 Feb 2015 10:10:35 GMT Via: 1.1 varnish Accept-Ranges: bytes Age: 0 Vary: Host,Accept-Encoding Content-Length: 1113 Content-Type: text/html; charset=UTF-8 P3P: CP="Not supported" Refresh: 5; url=http://bokepzterbaru.sextgem.com/ Set-Cookie: XT_transfer_interstitial=1; expires=Fri, 20-Feb-2015 10:10:35 GMT; path=/; domain=.bokepzterbaru.xtgem.com X-Varnish: 694921048 | clean |
http://bokepzterbaru.sextgem.com/ | 200 OK Content-Length: 29896 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 0x0 style: hidden src: http://colmek.sextgem.com
<iframe src="http://colmek.sextgem.com" width="0px" height="0px" style="display:none">
Hidden iFrame found. size: 0x0 style: hidden src: http://enif.images.xtstatic.com/tp.gif
<iframe src="http://enif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;">
Hidden iFrame found. size: 0x0 style: hidden src: http://disif.images.xtstatic.com/tp.gif
<iframe src="http://disif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;">
Hidden iFrame found. size: 0x0 style: hidden src: http://nojsif.images.xtstatic.com/tp.gif
<iframe src="http://nojsif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;">
Hidden iFrame found. size: 0x0 style: hidden src: http://cif.images.xtstatic.com/tp.gif
<iframe src="http://cif.images.xtstatic.com/tp.gif" style="height: 0px;width: 0px;background-color: transparent;border: 0px none transparent;padding: 0px;overflow: hidden;display: none;visibility: hidden;">
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 161933 Content-Type: application/x-javascript | clean |
http://admaster.union.ucweb.com/js/union_html5_sdk.js | 200 OK Content-Length: 13726 Content-Type: application/javascript | clean |
http://awap4dollar.com/ad/codex/?id=gzbbr9cmda | 500 Can't connect to awap4dollar.com:80 Content-Length: 190 Content-Type: text/plain | clean |
http://awap4dollar.com/test404page.js | 500 Can't connect to awap4dollar.com:80 Content-Length: 190 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bokepzterbaru.xtgem.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 19 Feb 2015 10:10:35 GMT
Via: 1.1 varnish
Accept-Ranges: bytes
Age: 0
Vary: Host,Accept-Encoding
Content-Length: 1113
Content-Type: text/html; charset=UTF-8
P3P: CP="Not supported"
Refresh: 5; url=http://bokepzterbaru.sextgem.com/
Set-Cookie: XT_transfer_interstitial=1; expires=Fri, 20-Feb-2015 10:10:35 GMT; path=/; domain=.bokepzterbaru.xtgem.com
X-Varnish: 694921048
...1113 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bokepzterbaru.xtgem.com
Referer: http://www.google.com/search?q=bokepzterbaru.xtgem.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bokepzterbaru.xtgem.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bokepzterbaru.xtgem.com/
Result: bokepzterbaru.xtgem.com is not infected or malware details are not published yet.