Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=free-xxx.biz
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: free-xxx.biz
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate
Connection: close
Date: Mon, 15 Sep 2014 21:07:25 GMT
Pragma: no-cache
Server: nginx/1.1.19
Vary: Accept-Encoding
Content-Type: text/html
Set-Cookie: yaw=ODlmZDFlZDNlYjhiNmM0OWZiMTM4NmNiNjY5Nzk1Mjd8MHwwfDE0MTA4MTUyNDV8MXx8MQ%3D%3D; path=/; domain=.free-xxx.biz
Set-Cookie: faceN=0; expires=Thu, 18-Sep-2014 21:07:25 GMT
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: free-xxx.biz
Referer: http://www.google.com/search?q=free-xxx.biz
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://free-xxx.biz/ | 200 OK Content-Length: 75946 Content-Type: text/html | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=wbd&cat=139&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=852976&idsite=275192 | 200 OK Content-Length: 642 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/289715.js | 200 OK Content-Length: 1571 Content-Type: application/javascript | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 401 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/289716.js | 200 OK Content-Length: 1569 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/289813.js | 200 OK Content-Length: 1814 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/289718.js | 200 OK Content-Length: 1578 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/296437.js | 200 OK Content-Length: 1816 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/296438.js | 200 OK Content-Length: 1822 Content-Type: application/javascript | clean |
http://free-xxx.biz/link.php?g=69913&cu=aHR0cDovL2dhbGxlcmllczIuYWR1bHQtZW1waXJlLmNvbS85MzQ4LzY1NjI3MS8zMzIvaW5kZXgucGhw&l=block1 | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 21:07:26 GMT Location: http://galleries2.adult-empire.com/9348/656271/332/index.php Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: yaw=ZTE1OTYyYTNiZThjZmY3MzBjODE2ZTVlYjFkOGE2N2F8MXwwfDE0MTA4MTUyNDZ8fHw%3D; path=/; domain=.free-xxx.biz X-Powered-By: PHP/5.2.17 | clean |
http://galleries2.adult-empire.com/9348/656271/332/index.php | 200 OK Content-Length: 11725 Content-Type: text/html | clean |
http://galleries2.adult-empire.com/93/9348//aug2012/016/originalimages/nerd_girlfriends_240.jpg | 200 OK Content-Length: 54274 Content-Type: image/jpeg | clean |
http://galleries2.adult-empire.com/test404page.js | 404 Not Found Content-Length: 13 Content-Type: text/html | clean |
http://free-xxx.biz/link.php?g=109925&cu=aHR0cDovL3JlZGlyZWN0LmVyby1hZHZlcnRpc2luZy5jb20vc3BlZWRjbGlja3MvaW4ucGhwP3BpZD01OTM5OSZzcGFjZWlkPTI4OTcyMCZyZXR1cm51cmw9aHR0cDovL21vbS1zZXgubmV0Lw==&l=block1 | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 21:07:28 GMT Location: http://redirect.ero-advertising.com/speedclicks/in.php?pid=59399&spaceid=289720&returnurl=http://mom-sex.net/ Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: yaw=MWI2YjNjZDhjZWZkYWU0YThkNGU0MjRlYWZjZGZlNmZ8MXwwfDE0MTA4MTUyNDh8fHw%3D; path=/; domain=.free-xxx.biz X-Powered-By: PHP/5.2.17 | clean |
http://redirect.ero-advertising.com/speedclicks/in.php?pid=59399&spaceid=289720&returnurl=http://mom-sex.net/ | 200 OK Content-Length: 829 Content-Type: text/html | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js | 200 OK Content-Length: 78601 Content-Type: text/javascript | clean |
http://free-xxx.biz/link.php?g=80471&cu=aHR0cDovL2dhbGxlcmllczIuYWR1bHQtZW1waXJlLmNvbS85NjI4LzUzMTA3My8zMzIvaW5kZXgucGhw&l=block1 | HTTP/1.1 302 Found Connection: close Date: Mon, 15 Sep 2014 21:07:29 GMT Location: http://galleries2.adult-empire.com/9628/531073/332/index.php Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html Set-Cookie: yaw=N2ZkMGYzMzY0MjdjNDdhNjg3OTA2YWI5ZTZkZGQ2YTF8MXwwfDE0MTA4MTUyNDl8fHw%3D; path=/; domain=.free-xxx.biz X-Powered-By: PHP/5.2.17 | clean |
http://galleries2.adult-empire.com/9628/531073/332/index.php | 200 OK Content-Length: 6906 Content-Type: text/html | clean |