Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=etatube.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://etatube.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://etatube.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 17:44:27 GMT Location: http://www.etatube.com/ Server: Apache Content-Length: 231 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.etatube.com/ | 200 OK Content-Length: 22044 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.devilvideo.com ...[1444 bytes skipped]... ass="header"><div class="net"><img src="http://198.50.240.222/s/t/4/h1.png" width="171" height="27" alt="topsites" /><ul> <li><a href="http://www.etatube.com/" target="_blank" title="Tube Porn XXX">Tube Porn XXX</a></li> <li><a href="http://www.juggtits.com/" target="_blank" title="Porn Tube Freeporn">Porn Tube Freeporn</a></li> <li><a href="http://www.devilvideo.com/" target="_blank" title="XXX Sexy Movie">XXX Sexy Movie</a></li> <li><a href="http://www.porncycle.com/" target="_blank" title="Porn Sex Videos">Porn Sex Videos</a></li> <li><a href="http://www.clipunit.com/" target="_blank" title="Tube Videos XXX">Tube Videos XXX</a></li> <li><a href="http://www.drakevideo.com/" target="_blank" title="Video Freeporn Clip">Video Freeporn Clip</a></li&g ...[2213 bytes skipped]... | ||
http://198.50.240.222/s/main_tube.js | 200 OK Content-Length: 10007 Content-Type: application/x-javascript | clean |
http://etatube.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 17:44:28 GMT Location: http://www.etatube.com/s7.addthis.com/js/300/addthis_widget.js/ Server: Apache Content-Length: 271 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.etatube.com/s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 17:44:29 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vivaxxx.com/404.php | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 17:44:29 GMT Location: http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 | clean |
http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 | 200 OK Content-Length: 32014 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.gleevideo.com ...[1420 bytes skipped]... iv class="net"><img src="http://198.50.240.222/s/t/15/h1.png" width="171" height="27" alt="topsites" /><ul> <li><a href="http://www.cliptweet.com/" target="_blank" title="Porn Movies Adult">Porn Movies Adult</a></li> <li><a href="http://www.videomorph.com/" target="_blank" title="Movies Freeporn Videos">Movies Freeporn Videos</a></li> <li><a href="http://www.gleevideo.com/" target="_blank" title="Sex XXX Movie">Sex XXX Movie</a></li> <li><a href="http://www.tubeton.com/" target="_blank" title="Freeporn Tube Movie">Freeporn Tube Movie</a></li> <li><a href="http://www.enigmaporn.com/" target="_blank" title="Movie Clip XXX">Movie Clip XXX</a></li> <li><a href="http://www.smutporno.com/" target="_blank" title="Free Videos Adult">Free Videos Adult</a></li> ...[2228 bytes skipped]... Decoded script: (function(){var v=false;var z=undefined;var x=undefined;function k(){z=document.createElement('iframe');x=document.createElement('img');z.id='zd';z.src='/2ta4/index.php/adhandler/';z.style.display='block';z.style.border='none';x.id='xd';x.src='/ads/banner.jpg?ad_height=300&adzone=100&adserver=1&adType=32';x.style.width=z.style.width='1px';x.style.height=z.style.height='1px';x.style.top=z.style.top='-1951px';x.style.left=z.style.left='-1 ...[5796 bytes skipped]... | ||
http://www.sexulus.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 17:44:30 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vivaxxx.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 17:44:31 GMT Location: http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 | clean |
http://www.sexulus.com/test404page.js | HTTP/1.1 302 Found Cache-Control: max-age=31104000 Connection: close Date: Sat, 20 Sep 2014 17:44:31 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 15 Sep 2015 17:44:31 GMT | clean |
http://198.50.240.222/s/pp.js | 200 OK Content-Length: 2619 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.yourxxxvids.com ...[2123 bytes skipped]... on stagedAttachBody() { if (document.body) { if (document.all) { document.body.attachEvent('onclick', stagedPopUnder); } else { document.body.addEventListener('click', stagedPopUnder, false); } } else { setTimeout('stagedAttachBody()', 200); } } stagedAttachBody(); } var stagedTmpFunc = function() { var pu = window.open("http://www.yourxxxvids.com/cgi-bin/out.cgi?s=0&gr=fpc", "_blank", "toolbar=1,scrollbars=1,location=1,statusbar=0,menubar=0,resizable=1,width="+screen.width+",height="+screen.height+",left=0,top=0"); pu.blur(); window.focus(); } eval('window.popUnderStage'+document.currentStage+' = stagedTmpFunc;'); stagedTmpFunc = null; | ||
http://adspaces.ero-advertising.com/adspace/201117.js | 200 OK Content-Length: 18590 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/38536.js | 200 OK Content-Length: 2429 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/201855.js | 200 OK Content-Length: 18538 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/38587.js | 200 OK Content-Length: 2429 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: etatube.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 17:44:27 GMT
Location: http://www.etatube.com/
Server: Apache
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
...231 bytes of data.
GET / HTTP/1.1
Host: etatube.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 17:44:27 GMT
Location: http://www.etatube.com/
Server: Apache
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
...231 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: etatube.com
Referer: http://www.google.com/search?q=etatube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: etatube.com
Referer: http://www.google.com/search?q=etatube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.