Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hardconia.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hardconia.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://hardconia.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 19:28:29 GMT Location: http://www.hardconia.com/ Server: Apache Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hardconia.com/ | 200 OK Content-Length: 21838 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.flickgang.com ...[1235 bytes skipped]... "brand_left"><div align="right"><div class="thumb_i_b5"></div></div></div> <div id="brand_right" class="brand_right"><div align="left"><div class="thumb_i_b6"></div></div></div> <div class="header"><div class="net"><img src="http://198.50.240.222/s/t/7/h1.png" width="171" height="27" alt="topsites" /><ul> <li><a href="http://www.flickgang.com/" target="_blank" title="Sex Adult Video">Sex Adult Video</a></li> <li><a href="http://www.cliptemple.com/" target="_blank" title="Adult XXX Movie">Adult XXX Movie</a></li> <li><a href="http://www.sexulus.com/" target="_blank" title="Free Tube">Free Tube</a></li> <li><a href="http://www.insidertube.com/" target="_blank" title="Adult Sexy Video">Adult Sexy Video</a></li> <li&g ...[2407 bytes skipped]... | ||
http://198.50.240.222/s/main_tube.js | 200 OK Content-Length: 10007 Content-Type: application/x-javascript | clean |
http://hardconia.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 20 Sep 2014 19:28:30 GMT Location: http://www.hardconia.com/s7.addthis.com/js/300/addthis_widget.js/ Server: Apache Content-Length: 273 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.hardconia.com/s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 19:28:30 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vivaxxx.com/404.php | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 19:28:31 GMT Location: http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 | clean |
http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 | 200 OK Content-Length: 31968 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.tubeclan.com ...[1134 bytes skipped]... "brand_left"><div align="right"><div class="thumb_i_b5"></div></div></div> <div id="brand_right" class="brand_right"><div align="left"><div class="thumb_i_b6"></div></div></div> <div class="header"><div class="net"><img src="http://198.50.240.222/s/t/15/h1.png" width="171" height="27" alt="topsites" /><ul> <li><a href="http://www.tubeclan.com/" target="_blank" title="Tube Sexy XXX">Tube Sexy XXX</a></li> <li><a href="http://www.swooptube.com/" target="_blank" title="Video Porn Clip">Video Porn Clip</a></li> <li><a href="http://www.hardconia.com/" target="_blank" title="Free Video Porn">Free Video Porn</a></li> <li><a href="http://www.xtwist.com/" target="_blank" title="Videos Porn XXX">Videos Porn XXX</a></li> <li& ...[2513 bytes skipped]... Decoded script: (function(){var v=false;var z=undefined;var x=undefined;function k(){z=document.createElement('iframe');x=document.createElement('img');z.id='zd';z.src='/2ta4/index.php/adhandler/';z.style.display='block';z.style.border='none';x.id='xd';x.src='/ads/banner.jpg?ad_height=300&adzone=100&adserver=1&adType=32';x.style.width=z.style.width='1px';x.style.height=z.style.height='1px';x.style.top=z.style.top='-1951px';x.style.left=z.style.left='-1 ...[5796 bytes skipped]... | ||
http://www.sexulus.com//s7.addthis.com/js/300/addthis_widget.js/ | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 19:28:31 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vivaxxx.com/test404page.js | HTTP/1.1 302 Found Connection: close Date: Sat, 20 Sep 2014 19:28:32 GMT Location: http://www.sexulus.com/mom-mature-dad-daughter-search-page-1 Server: Apache Content-Length: 0 Content-Type: text/html; charset=utf-8 | clean |
http://www.sexulus.com/test404page.js | HTTP/1.1 302 Found Cache-Control: max-age=31104000 Connection: close Date: Sat, 20 Sep 2014 19:28:32 GMT Location: http://www.vivaxxx.com/404.php Server: Apache Content-Length: 214 Content-Type: text/html; charset=iso-8859-1 Expires: Tue, 15 Sep 2015 19:28:32 GMT | clean |
http://198.50.240.222/s/pp.js | 200 OK Content-Length: 2619 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: www.yourxxxvids.com ...[2123 bytes skipped]... on stagedAttachBody() { if (document.body) { if (document.all) { document.body.attachEvent('onclick', stagedPopUnder); } else { document.body.addEventListener('click', stagedPopUnder, false); } } else { setTimeout('stagedAttachBody()', 200); } } stagedAttachBody(); } var stagedTmpFunc = function() { var pu = window.open("http://www.yourxxxvids.com/cgi-bin/out.cgi?s=0&gr=fpc", "_blank", "toolbar=1,scrollbars=1,location=1,statusbar=0,menubar=0,resizable=1,width="+screen.width+",height="+screen.height+",left=0,top=0"); pu.blur(); window.focus(); } eval('window.popUnderStage'+document.currentStage+' = stagedTmpFunc;'); stagedTmpFunc = null; | ||
http://adspaces.ero-advertising.com/adspace/201117.js | 200 OK Content-Length: 18616 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/38536.js | 200 OK Content-Length: 2429 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/201406.js | 200 OK Content-Length: 18564 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/66398.js | 200 OK Content-Length: 2429 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hardconia.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 19:28:29 GMT
Location: http://www.hardconia.com/
Server: Apache
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
GET / HTTP/1.1
Host: hardconia.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 20 Sep 2014 19:28:29 GMT
Location: http://www.hardconia.com/
Server: Apache
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: hardconia.com
Referer: http://www.google.com/search?q=hardconia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hardconia.com
Referer: http://www.google.com/search?q=hardconia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.