Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dildo-huren.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://dildo-huren.com/ | 200 OK Content-Length: 41863 Content-Type: text/html | clean |
http://s1x.slimtrade.com/s1711.js | 200 OK Content-Length: 4149 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: empflix-porno.com eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('e l=w N("2u-2w.m (0)","1E.m (0)","1T (0)");e B=w N("q://2j-1H.m","q://1E.m","q://2a-1H.m");e Y=w N("27,1e,2K","36,J,3c","X,1a,P","3r,1g,30","11,29,25","H,J,24","1a,30,15","3,12,9","x,33,9","30,37,9","7,25,6","13,17,4","15,23,3","5,13,3","6, ...[3711 bytes skipped]... Decoded script: var stTrName=new Array("empflix-porno.com (0)","erotikalarm.com (0)","Tube8 (0)");var stTrUrl=new Array("http://empflix-porno.com","http://erotikalarm.com","http://tube8-porno.com");var stTrValues=new Array("27,94,102","36,49,64","60,69,45","103,59,30","11,29,25","43,49,24","69,30,15","3,12,9","47,33,9","30,37,9","7,25,6","13,17,4","15,23,3","5,13,3","6,11,2","11,20,2","24,43,2","9,21,2","16,21,1","1,3,1","3,6,1","1,15,1","17,20,1","4,21,1","2,9,1","1,8,0","27,9,0","8,9,0","5,9 ...[7822 bytes skipped]... | ||
http://dildo-huren.com/media/js/jquery-1.5.2.min.js | 200 OK Content-Length: 85939 Content-Type: application/javascript | clean |
http://www.google.com/recaptcha/api/js/recaptcha_ajax.js | 200 OK Content-Length: 115874 Content-Type: text/javascript | clean |
http://dildo-huren.com/media/js/global.js?t=30308 | 200 OK Content-Length: 21743 Content-Type: application/javascript | clean |
http://timteen.com/parx/parx.php?s=1711 | 200 OK Content-Length: 334 Content-Type: text/javascript | clean |
http://slimspread.com/adspace.php?a=th | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=b300x250&n=0 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=b300x250&n=1 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=pu&n=0 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=pu&n=1 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dildo-huren.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Sep 2014 19:41:30 GMT
Pragma: no-cache
Server: lighttpd/1.4.28
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=kfo6fpa4u3h68hfhtr9rgg4ee6; path=/
X-Powered-By: PHP/5.3.3-7+squeeze14
GET / HTTP/1.1
Host: dildo-huren.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Thu, 18 Sep 2014 19:41:30 GMT
Pragma: no-cache
Server: lighttpd/1.4.28
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=kfo6fpa4u3h68hfhtr9rgg4ee6; path=/
X-Powered-By: PHP/5.3.3-7+squeeze14
Second query (visit from search engine):
GET / HTTP/1.1
Host: dildo-huren.com
Referer: http://www.google.com/search?q=dildo-huren.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dildo-huren.com
Referer: http://www.google.com/search?q=dildo-huren.com
Result:
The result is similar to the first query. There are no suspicious redirects found.