Scanned pages/files
Request | Server response | Status |
http://it.xhamster3.com/ | 200 OK Content-Length: 12715 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.porncome.mobi'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://it.xhamster3.com/jquery.js | 200 OK Content-Length: 134911 Content-Type: application/x-javascript | clean |
http://it.xhamster3.com/js/jquery-1.5.2.min.js | 200 OK Content-Length: 85925 Content-Type: application/x-javascript | clean |
http://it.xhamster3.com/js/preview.js | 200 OK Content-Length: 478 Content-Type: application/x-javascript | clean |
http://it.xhamster3.com/jquery.cookie.js | 200 OK Content-Length: 832 Content-Type: application/x-javascript | clean |
http://it.xhamster3.com/popup.js | 200 OK Content-Length: 1216 Content-Type: application/x-javascript | clean |
http://adspaces.ero-advertising.com/adspace/178394.js | 200 OK Content-Length: 767 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/178396.js | 200 OK Content-Length: 1826 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/178395.js | 200 OK Content-Length: 1829 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://it.xhamster3.com/rss.xml | 200 OK Content-Length: 429 Content-Type: text/xml | clean |
http://it.xhamster3.com/test404page.js | HTTP/1.1 302 Found Cache-Control: public, max-age=86400 Connection: close Date: Wed, 09 Apr 2014 04:13:43 GMT Location: http://it.xhamster3.com/404.php Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 10 Apr 2014 04:13:43 GMT CF-Cache-Status: MISS CF-RAY: 1183dfa6dd210325-MIA Set-Cookie: __cfduid=dd8606943984e1a79ca1cf2b3c63fb1271397016822856; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xhamster3.com; HttpOnly | clean |
http://it.xhamster3.com/404.php | 200 OK Content-Length: 10827 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.porncome.mobi'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://it.xhamster3.com/contact form.php | 200 OK Content-Length: 13841 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.porncome.mobi'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://it.xhamster3.com/casuali-videos.html | 200 OK Content-Length: 10771 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.porncome.mobi'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://it.xhamster3.com/top-videos.html | 200 OK Content-Length: 10792 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.porncome.mobi'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: it.xhamster3.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 04:13:36 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
CF-RAY: 1183df79b8d20325-MIA
Set-Cookie: __cfduid=dbb363e07bcd68025b02d71133dee5b471397016815638; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xhamster3.com; HttpOnly
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.25
GET / HTTP/1.1
Host: it.xhamster3.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 04:13:36 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: text/html
CF-RAY: 1183df79b8d20325-MIA
Set-Cookie: __cfduid=dbb363e07bcd68025b02d71133dee5b471397016815638; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.xhamster3.com; HttpOnly
X-Cache: HIT from Backend
X-Powered-By: PHP/5.3.25
Second query (visit from search engine):
GET / HTTP/1.1
Host: it.xhamster3.com
Referer: http://www.google.com/search?q=it.xhamster3.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: it.xhamster3.com
Referer: http://www.google.com/search?q=it.xhamster3.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=it.xhamster3.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://it.xhamster3.com/
Result: it.xhamster3.com is not infected or malware details are not published yet.
Result: it.xhamster3.com is not infected or malware details are not published yet.