Scanned pages/files
| Request | Server response | Status |
http://diretoriadosexo.com/ | 200 OK Content-Length: 38863 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: x3.xclicks.net ...[1000 bytes skipped]... /css" href="/css/style.css" /> <!--[if IE 6]> <link rel="stylesheet" href="/css/ie6.css" type="text/css" media="screen" /> <![endif]--> <script type="text/javascript" src="/js/java.js"></script> <script type="text/javascript" src="/js/xclicks.js"></script> <script language="JavaScript" src="http://x3.xclicks.net/js/x4228.js"></script> </head> <body> <div id="wrapper"> <div id="header"> <a href="http://www.diretoriadosexo.com" title="Diretoria do Sexo"></a> <p><strong>Seja Bem Vindo ao <span class="yl">Diretoria</span>do<span class="gy">Sexo</span>!</strong> Mande suas fotos para nosso e-mail.<br />Envie pelo menos ...[2910 bytes skipped]... | ||
http://diretoriadosexo.com/js/java.js | 200 OK Content-Length: 4341 Content-Type: text/javascript | clean |
http://diretoriadosexo.com/js/xclicks.js | 200 OK Content-Length: 1858 Content-Type: text/javascript | malicious |
Malicious code found. Script contains blacklisted domain: x3.xclicks.net et="Mais Putaria Aqui"; el="http://x3.xclicks.net/sc/out.php?s=4228"
sl=new Array(); sh=new Array(); st=new Array();thpm=new Array(); sn=new Array(); ns=new Array(); sd=new Array(); th=new Array(); a="</a>"; af="<a target='_blank' "; ps="<img border='0' src=thumbs/"; function dw(n) {document.write(n,"\n");} function showLink(n,s,b){if (!s){s='anc'} if (!b){b=''} else {b="&b="+b} ast =af+" class='"+s+"' href='"+el; n=n-1; if (sl[n]& ...[1509 bytes skipped]... | ||
http://x3.xclicks.net/js/x4228.js | 200 OK Content-Length: 74 Content-Type: application/x-javascript | clean |
http://adspaces.ero-advertising.com/adspace/30952.js | 200 OK Content-Length: 1566 Content-Type: application/javascript | clean |
http://st1.freeonlineusers.com/on3.php?id=210163 | 200 OK Content-Length: 21 Content-Type: text/html | clean |
http://st1.freeonlineusers.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/60927.js | 200 OK Content-Length: 755 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: diretoriadosexo.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 19:30:27 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f2r1toohsk6pip7u3k3441st63; path=/
X-Powered-By: PleskLin
GET / HTTP/1.1
Host: diretoriadosexo.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 15 Sep 2014 19:30:27 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=f2r1toohsk6pip7u3k3441st63; path=/
X-Powered-By: PleskLin
Second query (visit from search engine):
GET / HTTP/1.1
Host: diretoriadosexo.com
Referer: http://www.google.com/search?q=diretoriadosexo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: diretoriadosexo.com
Referer: http://www.google.com/search?q=diretoriadosexo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=diretoriadosexo.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://diretoriadosexo.com/
Result: diretoriadosexo.com is not infected or malware details are not published yet.
Result: diretoriadosexo.com is not infected or malware details are not published yet.