Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cumindaughter.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cumindaughter.org/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: jrswebdesign.org
Result:
HTTP/1.1 200 OK
Date: Fri, 16 May 2014 20:31:22 GMT
Accept-Ranges: bytes
ETag: "70641173176fcf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 5744
Content-Type: text/html
Last-Modified: Wed, 14 May 2014 01:54:32 GMT
X-Powered-By: ASP.NET
...5744 bytes of data.
GET / HTTP/1.1
Host: jrswebdesign.org
Result:
HTTP/1.1 200 OK
Date: Fri, 16 May 2014 20:31:22 GMT
Accept-Ranges: bytes
ETag: "70641173176fcf1:0"
Server: Microsoft-IIS/7.5
Content-Length: 5744
Content-Type: text/html
Last-Modified: Wed, 14 May 2014 01:54:32 GMT
X-Powered-By: ASP.NET
...5744 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: jrswebdesign.org
Referer: http://www.google.com/search?q=jrswebdesign.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: jrswebdesign.org
Referer: http://www.google.com/search?q=jrswebdesign.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://cumindaughter.org/ | 200 OK Content-Length: 30235 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: little-porn.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<html> <head> <script src="http://i3.putags.com/22/21/a2/2221a24121d5d3da19c12137c532e52f.js" type="text/javascript"></script> <title>Cum In Daughter . Daughter Sex Dreams collection!</title> <div class="topperf"> <a class="topperfimg" href="out.php?http://little-porn.com" target="_blank"><img src="/images/cache/77x56/118.92.608536206.jpg" width="77" height="56" title="Amateur taboo uncensrored porn with petite young girls - Perfect naked bodies ready to hot fuck ! Little legal teens 18-19yo, Family taboo anal porn, Crazy nymphets wants big black cock, Young couple on trip recording porn, Nice teen having first sex, Private barely legal sex, Ass hole first fuck, Collection of best young porn sites, ...[3700 bytes skipped]... | ||
http://i3.putags.com/22/21/a2/2221a24121d5d3da19c12137c532e52f.js | 200 OK Content-Length: 5272 Content-Type: application/x-javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://cumindaughter.org/hitbot.js | 200 OK Content-Length: 37 Content-Type: text/html | clean |
http://cumindaughter.org/test404page.js | HTTP/1.1 404 Not Found Connection: close Date: Fri, 19 Sep 2014 23:10:26 GMT Server: Apache Content-Length: 269 Content-Type: text/html; charset=UTF-8 | malicious |
http://taboo.cc/exit | HTTP/1.1 200 OK Connection: close Date: Fri, 19 Sep 2014 23:10:27 GMT Server: Apache Content-Type: text/html; charset=UTF-8 | clean |
http://taboo.cc/video/26411/two_vicious_nymphs_fuck_in_the_riverbed | 200 OK Content-Length: 91793 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: i11egalpussy.com <!-- hitslap.com redirect code begin -->
<script src=http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile></script> <!-- hitslap.com redirect code end --> <script type="text/javascript" src="http://banners.alt.com/go/page/js_im_box_v2?lang=english&plain_text=1&skip_lpo=1&delay=1&size=square250&align=left&find_sex=2&looking_for_person=1&photo=3&explicit=1&no ...[4366 bytes skipped]... | ||
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile | 200 OK Content-Length: 124 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+' | 200 OK Content-Length: 147 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 170 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 193 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 216 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 239 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 262 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 285 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 308 Content-Type: text/html | clean |
http://hitslap.com/show.php?u=9&type=redirect&traffic=mobile'+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+''+'&r='+Math.random()+' | 200 OK Content-Length: 331 Content-Type: text/html | clean |