Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=heutesex.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://heutesex.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://heutesex.com/ | 200 OK Content-Length: 46535 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: morgensex.com ...[3157 bytes skipped]... fen, wenn es um <b>Erotikfilme</b> geht. <b>Deutsche Fickfilme ohne Anmeldung</b> lassen dich praktisch in das Haus deines Nachbarn sehen, wo es so richtig ohne Tabus und unzensiert abgeht. Als Wichsvorlage kannst du zu jederzeit jede Art von <b>freie Pornofilme</b> genieÃen. Wenn du heute Sex willst, dann bleibe hier, wenn du aber lieber Morgen Sex haben möchtest, dann klicke hier: <a href="http://morgensex.com" title="Morgen Sex">Sex am Morgen</a> </div> </span> <center></center> </div> </div> <script type="text/javascript" src="http://slimspread.com/adspace.php?a=pu&n=0"></script> <script type="text/javascript" src="http://slimspread.com/adspace.php?a=pu&n=1"></script> <script type="text/javascript"> ...[548 bytes skipped]... | ||
http://s1x.slimtrade.com/s572.js | 200 OK Content-Length: 3162 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: toplist.traffic-hits.com eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('e p=w N("P 2w 1s (H)","2v 2A 2t (1b)","2s (X)","2k-2q (Y)","2p 2G (26)","2Y 2U 2Z! (9)","P 1s (7)","2N 2R (7)","2Q (6)","3b (6)","25 V 1x (6)","1B 1z (4)","1w (0)","1v 1u 1C V (0)");e z=w N("f://1W.g","f://1X.1F-27.g","f://2d-I.g","f://2c-2b.Z" ...[2720 bytes skipped]... Decoded script: var stTrName=new Array("Gratis Deutsche Pornos (71)","Wicked XXX Top (69)","Tube8 (67)","Xhamster-Porn (59)","Xvideo Deutsch (26)","Fuck me Son! (9)","Gratis Pornos (7)","Uncensored Films (7)","Youjizz (6)","Schweinkram (6)","Nana Incest Book (6)","Horny Girlz (4)","Morgensex (0)","Young And Old Incest (0)");var stTrUrl=new Array("http://gratisdeutschepornos.com","http://toplist.traffic-hits.com","http://tube8-porno.com","http://xhamster-porn.info","http://xvideo-deutsch.com","http://fuckmeson.com","http://gratis-porno-videos.com","http://uncensored-films.com","http://youjizz-porno.com","http://ferkelseite.com","http://nanabook.com","http://www.hornygirlz.info","http://morgensex.com","http://young-and-old.com");var stTrValues=new Array("8,10,0","26,89,42","46,33,19","54,30,14","12,12,7","10,14,5","19,16,3","3,5,0","8,29,32", ...[5672 bytes skipped]... | ||
http://heutesex.com/media/js/jquery-1.5.2.min.js | 200 OK Content-Length: 85939 Content-Type: application/javascript | clean |
http://www.google.com/recaptcha/api/js/recaptcha_ajax.js | 200 OK Content-Length: 115874 Content-Type: text/javascript | clean |
http://heutesex.com/media/js/global.js?t=228530 | 200 OK Content-Length: 21012 Content-Type: application/javascript | clean |
http://slimspread.com/adspace.php?a=b945x100&n=0 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://timteen.com/parx/parx.php?s=572 | 200 OK Content-Length: 333 Content-Type: text/javascript | clean |
http://slimspread.com/adspace.php?a=b160x600&n=0 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=pu&n=0 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
http://slimspread.com/adspace.php?a=pu&n=1 | 200 OK Content-Length: 39 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: heutesex.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 17 Sep 2014 19:10:24 GMT
Pragma: no-cache
Server: lighttpd/1.4.19
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=556f4c8b818fcc59a83d24773e06d08c; path=/
X-Powered-By: PHP/5.2.6-1+lenny13
GET / HTTP/1.1
Host: heutesex.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Wed, 17 Sep 2014 19:10:24 GMT
Pragma: no-cache
Server: lighttpd/1.4.19
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=556f4c8b818fcc59a83d24773e06d08c; path=/
X-Powered-By: PHP/5.2.6-1+lenny13
Second query (visit from search engine):
GET / HTTP/1.1
Host: heutesex.com
Referer: http://www.google.com/search?q=heutesex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: heutesex.com
Referer: http://www.google.com/search?q=heutesex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.