Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=heavy-r.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://heavy-r.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://heavy-r.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 11:59:28 GMT Location: http://www.heavy-r.com/ Server: cloudflare-nginx Content-Length: 0 Content-Type: application/octet-stream CF-RAY: 16a4a88bde8b0485-FRA Set-Cookie: __cfduid=d786225f8c135117d220043588dab538e1410782368618; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly | clean |
http://www.heavy-r.com/ | 200 OK Content-Length: 116392 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: cluster1a.heavy-r.com <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"> <html> <head> <meta name="prVerify" content="d4a17c7084c497583f7545173522ec3f"/> <META http-equiv="Content-Type" content="text/html; charset=utf-8"> <base href="http://www.heavy-r.com/"/> <title>Free Porn Videos - Heavy-R.com</title> <meta name="description" content="Heavy-R.com is a free porn tube. Updated with th ...[4194 bytes skipped]... | ||
http://www.heavy-r.com//ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js/ | 404 Not Found Content-Length: 337 Content-Type: text/html | clean |
http://www.heavy-r.com/test404page.js | 404 Not Found Content-Length: 337 Content-Type: text/html | clean |
http://heavy-r.com/js/jquery.tools.min.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Mon, 15 Sep 2014 11:59:30 GMT Location: http://www.heavy-r.com/js/jquery.tools.min.js Server: cloudflare-nginx Content-Length: 0 Content-Type: application/javascript Expires: Mon, 15 Sep 2014 15:59:30 GMT CF-Cache-Status: EXPIRED CF-RAY: 16a4a8978b700f57-FRA Set-Cookie: __cfduid=d1b4cde39271de62adbad93948da642151410782370480; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly | clean |
http://www.heavy-r.com/js/jquery.tools.min.js | 200 OK Content-Length: 6799 Content-Type: application/javascript | clean |
http://heavy-r.com/js/jquery.jcarousel.pack2.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Mon, 15 Sep 2014 11:59:30 GMT Location: http://www.heavy-r.com/js/jquery.jcarousel.pack2.js Server: cloudflare-nginx Content-Type: application/javascript Expires: Mon, 15 Sep 2014 15:59:30 GMT CF-Cache-Status: EXPIRED CF-RAY: 16a4a899cd560f57-FRA Set-Cookie: __cfduid=d6c3490d79d0f0e4a252b3c2edadf50541410782370848; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly | clean |
http://www.heavy-r.com/js/jquery.jcarousel.pack2.js | 200 OK Content-Length: 8487 Content-Type: application/javascript | clean |
http://heavy-r.com/js/date.js | HTTP/1.1 301 Moved Permanently Cache-Control: public, max-age=14400 Connection: close Date: Mon, 15 Sep 2014 11:59:31 GMT Location: http://www.heavy-r.com/js/date.js Server: cloudflare-nginx Content-Type: application/javascript Expires: Mon, 15 Sep 2014 15:59:31 GMT CF-Cache-Status: EXPIRED CF-RAY: 16a4a89bf49a0f57-FRA Set-Cookie: __cfduid=deeff7a2fa49bfb3c1caee255f0d416961410782371193; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly | clean |
http://www.heavy-r.com/js/date.js | 200 OK Content-Length: 5834 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/CH_ThumbsPreview.js | 200 OK Content-Length: 2349 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/general.js | 200 OK Content-Length: 2480 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/zxml.js | 200 OK Content-Length: 6479 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/AC_RunActiveContent.js | 200 OK Content-Length: 2350 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/AC_ActiveX.js | 200 OK Content-Length: 1406 Content-Type: application/javascript | clean |
http://www.heavy-r.com/js/CH_HomePage.js | 200 OK Content-Length: 616 Content-Type: application/javascript | clean |
http://service.clicksvenue.com/get_embed.php?sid=427&spid=465&scid=10 | 200 OK Content-Length: 665 Content-Type: application/x-javascript | clean |
http://m.sancdn.net/imad/imad-san-v3.2.js?domain=camonster.com&tasktitle=&suffix=&p=HeavyRNetwork&v=3&AFNO=1-333338&UHNSMTY=303&volume=0&mute8= | 200 OK Content-Length: 21451 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: heavy-r.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 11:59:28 GMT
Location: http://www.heavy-r.com/
Server: cloudflare-nginx
Content-Length: 0
Content-Type: application/octet-stream
CF-RAY: 16a4a88bde8b0485-FRA
Set-Cookie: __cfduid=d786225f8c135117d220043588dab538e1410782368618; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly
...0 bytes of data.
GET / HTTP/1.1
Host: heavy-r.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 11:59:28 GMT
Location: http://www.heavy-r.com/
Server: cloudflare-nginx
Content-Length: 0
Content-Type: application/octet-stream
CF-RAY: 16a4a88bde8b0485-FRA
Set-Cookie: __cfduid=d786225f8c135117d220043588dab538e1410782368618; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.heavy-r.com; HttpOnly
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: heavy-r.com
Referer: http://www.google.com/search?q=heavy-r.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: heavy-r.com
Referer: http://www.google.com/search?q=heavy-r.com
Result:
The result is similar to the first query. There are no suspicious redirects found.