Scanned pages/files
Request | Server response | Status |
http://dirtyxxxtube.com/ | 200 OK Content-Length: 122551 Content-Type: text/html | clean |
http://dirtyxxxtube.com/hdr.js | 200 OK Content-Length: 1422 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/325161.js | 200 OK Content-Length: 1245 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/177854.js | 200 OK Content-Length: 1249 Content-Type: application/javascript | clean |
http://static.clickpapa.com/c.js | 200 OK Content-Length: 5559 Content-Type: application/x-javascript | suspicious |
Suspicious code. Script contains iFrame. (function ()
{ var dc = { id: 0, width: 0, height: 0, client: 0 }; var codes_domain = 'www.clickpapa.com'; dv = function(option) { var option_name = "clickpapa_ad_"+option; if (window[option_name] != undefined && window[option_name] != "") return window[option_name]; else return dc[option_name]; }; if(window.ClickPapa == und ...[4047 bytes skipped]... Decoded script: <iframe src='http://www.clickpapa.com/d.php?&id=undefined&client=undefined&keywords="My Title"&count=1&screen_size="undefinedxundefined"&browser="Netscape-4"&OS="Windows XP"&lang="undefined"&cookie="true"' frameborder='0' scrolling='no' name='cft-1' id='cft-1' width='undefined' height='undefined'></iframe> | ||
http://dirtyxxxtube.com/cgi-bin/a2/out.cgi?id=312&l=toplisttop&u=http://moviemo.com/ | HTTP/1.1 302 Found Connection: close Date: Thu, 08 Jan 2015 05:11:36 GMT Location: http://moviemo.com/ Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch Vary: Accept-Encoding Content-Length: 322 Content-Type: text/html; charset=iso-8859-1 | clean |
http://moviemo.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 08 Jan 2015 05:11:37 GMT Location: http://moviemo.com/main.shtml Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.4.31 | clean |
http://moviemo.com/main.shtml | 200 OK Content-Length: 257143 Content-Type: text/html | clean |
http://moviemo.com/fx_html/preview.html | 200 OK Content-Length: 46986 Content-Type: text/html | clean |
http://moviemo.com/fx_html/../fx_html/amateur_1.html | 200 OK Content-Length: 168244 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_2.html | 200 OK Content-Length: 194016 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_1.html | 200 OK Content-Length: 168244 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_3.html | 200 OK Content-Length: 170970 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_4.html | 200 OK Content-Length: 190912 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_5.html | 200 OK Content-Length: 197390 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_6.html | 200 OK Content-Length: 199027 Content-Type: text/html | clean |
http://moviemo.com/fx_html/amateur_7.html | 200 OK Content-Length: 202930 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dirtyxxxtube.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 05:11:32 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.2.6-1+lenny3
GET / HTTP/1.1
Host: dirtyxxxtube.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 08 Jan 2015 05:11:32 GMT
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny3 with Suhosin-Patch
Vary: Accept-Encoding
Content-Type: text/html
X-Powered-By: PHP/5.2.6-1+lenny3
Second query (visit from search engine):
GET / HTTP/1.1
Host: dirtyxxxtube.com
Referer: http://www.google.com/search?q=dirtyxxxtube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dirtyxxxtube.com
Referer: http://www.google.com/search?q=dirtyxxxtube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dirtyxxxtube.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dirtyxxxtube.com/
Result: dirtyxxxtube.com is not infected or malware details are not published yet.
Result: dirtyxxxtube.com is not infected or malware details are not published yet.