Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=filmssexe.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://filmssexe.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: filmssexe.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Thu, 18 Sep 2014 21:59:35 GMT
Pragma: no-cache
Server: nginx/1.1.19
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: av=Nzg1OTI3Y2FhZTM4NDgxZTlkNmE3MGEzZGI4ZTBmNzN8MHwwfDE0MTEwNzc1NzV8MXx8MQ%3D%3D; path=/
Set-Cookie: faceN=0; expires=Sun, 21-Sep-2014 21:59:35 GMT
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: filmssexe.net
Referer: http://www.google.com/search?q=filmssexe.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://filmssexe.net/ | 200 OK Content-Length: 70075 Content-Type: text/html | clean |
http://adspaces.ero-advertising.com/adspace/312121.js | 200 OK Content-Length: 1550 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312114.js | 200 OK Content-Length: 1551 Content-Type: application/javascript | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 401 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312115.js | 200 OK Content-Length: 1561 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312122.js | 200 OK Content-Length: 1554 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312116.js | 200 OK Content-Length: 1553 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312117.js | 200 OK Content-Length: 1555 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312123.js | 200 OK Content-Length: 1554 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312118.js | 200 OK Content-Length: 1547 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/312119.js | 200 OK Content-Length: 1555 Content-Type: application/javascript | clean |
http://filmssexe.net/link.php?g=3280&cu=aHR0cDovL3ZpZGVvNC50ZWVuZG9yZi5jb20vMDE3LzAwMS8/bmF0cz1zYW5pb2s7MTI3MDpyc2g6dGVlbmRvcmYsMCwwLDAsMjI4MDg=&l=block1 | HTTP/1.1 302 Found Connection: close Date: Thu, 18 Sep 2014 21:59:37 GMT Location: http://video4.teendorf.com/017/001/?nats=saniok;1270:rsh:teendorf,0,0,0,22808 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: av=NDA4ZDJlMWU5ZTdkMmNiYmRlY2JiYWRhMjYwOWRjNjF8MXwwfDE0MTEwNzc1Nzd8fHw%3D; path=/ Set-Cookie: avarc=4c1c1411077577cr; expires=Fri, 19-Sep-2014 21:59:37 GMT; path=/ X-Powered-By: PHP/5.2.17 | clean |
http://video4.teendorf.com/017/001/?nats=saniok;1270:rsh:teendorf,0,0,0,22808 | HTTP/1.1 302 Found Connection: close Date: Thu, 18 Sep 2014 21:59:37 GMT Location: http://google.com?nats=saniok%3b1270:rsh:teendorf,0,0,0,22808 Server: nginx Content-Type: text/html; charset=iso-8859-1 | clean |
http://google.com?nats=saniok%3b1270:rsh:teendorf,0,0,0,22808/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Thu, 18 Sep 2014 21:59:37 GMT Location: http://www.google.lt/?gws_rd=cr&ei=yVUbVPi5LcmYPY63gOgN Server: gws Content-Length: 256 Content-Type: text/html; charset=UTF-8 Alternate-Protocol: 80:quic,p=0.002 P3P: CP="This is not a P3P policy! See http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." Set-Cookie: PREF=ID=47f4f0226f090b88:FF=0:TM=1411077577:LM=1411077577:S=eK2-9AxAQTZtfBsC; expires=Sat, 17-Sep-2016 21:59:37 GMT; path=/; domain=.google.com Set-Cookie: NID=67=Kh4kF3qmgsvm34uzffO5KEyl957Diyg_dgxYKJzO8GGDSVWBJvChfSunnWK0syD82hTxY_184NUTDF9FRepd5q77HdRL6Nfkh6BYguBqYD0WIv2-vIgwDZb9kRnrRpZK; expires=Fri, 20-Mar-2015 21:59:37 GMT; path=/; domain=.google.com; HttpOnly X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block | clean |
http://www.google.lt/?gws_rd=cr&ei=yvubvpi5lcmypy63gogn | 200 OK Content-Length: 51368 Content-Type: text/html | clean |
https://www.google.lt/webhp?tab=ww | 200 OK Content-Length: 63664 Content-Type: text/html | clean |
https://www.google.lt/imghp?hl=lt&tab=wi | 200 OK Content-Length: 57451 Content-Type: text/html | clean |
https://www.google.lt/webhp?hl=lt&tab=iw | 200 OK Content-Length: 63737 Content-Type: text/html | clean |