Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=hardcoredumper.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://hardcoredumper.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.hardcoredumper.com/ | 200 OK Content-Length: 94107 Content-Type: text/html | malicious |
Page code contains blacklisted domain: pornoberza.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Hardcore tube, Anal Fuck, Mature Sex Videos, Creampie movies, Amateur Homemade clips :: Home</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="title" content="Ha ...[4322 bytes skipped]... Malicious iFrame found. size: 305x255 src: http://hardcoredumper.com/hcdthumbad.php This URL is marked by Yandex as suspicious <iframe src ="http://hardcoredumper.com/hcdthumbad.php" width="305" height="255" frameborder="0" marginheight="0" marginwidth="0" scrolling="no" style="margin: 0; text-align: center;"> Malicious iFrame found. size: 300x250 src: http://hardcoredumper.com/suplje/banned_ads_01.php This URL is marked by Yandex as suspicious <iframe src="http://hardcoredumper.com/suplje/banned_ads_01.php" width="300" height="250" frameborder="0" marginheight="0" marginwidth="0" scrolling="no" style="margin: 0; text-align: center;"> | ||
http://hardcoredumper.com/webmasters/mootools.svn.js | 200 OK Content-Length: 183653 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var MooTools = { version: '1.11' }; function $defined(obj){ return (obj != undefined); }; function $type(obj){ if (!$defined(obj)) return false; if (obj.htmlElement) return 'element'; var type = typeof obj; if (type == 'object' && obj.nodeName){ switch(obj.nodeType){ case 1: return 'element'; case 3: return (/\S/).test(obj.nodeValue) ? 'textnode' : 'whitespace'; } } if (type == 'object' || type == 'functio this.elements.each(function(el, i){ obj[i] = {}; var hide = (i != index) || (this.options.alwaysHide && (el.offsetHeight > 0)); this.fireEvent(hide ? 'onBackground' : 'onActive', [this.togglers[i], el]); for (var fx in this.effects) obj[i][fx] = hide ? 0 : el[this.effects[fx]]; }, this); return this.start(obj); }, showThisHideOpen: function(index){return this.display(index);} }); Fx.Accordion = Accordion; Antivirus reports:
| ||
http://hardcoredumper.com/pop1zombi.js | 200 OK Content-Length: 2617 Content-Type: application/javascript | clean |
http://hardcoredumper.com/pop2berza.js | 200 OK Content-Length: 2621 Content-Type: application/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=47008&ver=1 | 200 OK Content-Length: 2735 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/97117.js | 200 OK Content-Length: 1827 Content-Type: application/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=67466&ver=1 | 200 OK Content-Length: 2736 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=120x600&login=milos31&cat=97&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=0&text_only=0&show_thumb=0&idzone=32899&idsite=39286 | 200 OK Content-Length: 645 Content-Type: text/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=7477&ver=1 | 200 OK Content-Length: 2710 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=milos31&cat=97&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=0&text_only=0&show_thumb=0&idzone=35941&idsite=39286 | 200 OK Content-Length: 645 Content-Type: text/javascript | clean |
http://widgets.amung.us/classic.js | 200 OK Content-Length: 9043 Content-Type: application/x-javascript | clean |
http://www.alexa-xxx.com/rank.php?url=hardcoredumper.com&bg=ffffff&txt=000080 | 200 (OK) Content-Length: 1397 Content-Type: text/html | clean |
http://www.alexa-xxx.com/test404page.js | 200 (OK) Content-Length: 1403 Content-Type: text/html | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=18555&ver=1&type=imbox&style=green02 | 200 OK Content-Length: 7696 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: hardcoredumper.com
Result:
GET / HTTP/1.1
Host: hardcoredumper.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: hardcoredumper.com
Referer: http://www.google.com/search?q=hardcoredumper.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: hardcoredumper.com
Referer: http://www.google.com/search?q=hardcoredumper.com
Result:
The result is similar to the first query. There are no suspicious redirects found.