Scanned pages/files
Request | Server response | Status |
http://kinkyamateurtube.com/ | 200 OK Content-Length: 180977 Content-Type: text/html | suspicious |
Suspicious code found <div class="headercont"><!--headercont--> <h1 class="logo"><a href="http://kinkyamateurtube.com" title="Kinky Amateur Tube"> <img src="http://kinkyamateurtube.com/wp-content/uploads/2014/03/Fondo_Banner_Kinky-1220x75_1.jpg" alt="" /> </a> ...[1869 bytes skipped]... | ||
http://adspaces.ero-advertising.com/adspace/306779.js | 200 OK Content-Length: 758 Content-Type: application/javascript | clean |
http://toplist.raidrush.ws/js/popup.php?sid=4675 | 200 OK Content-Length: 1885 Content-Type: text/html | clean |
http://toplist.raidrush.ws/test404page.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 01:33:26 GMT Location: http://toplist.raidrush.ws/ Server: nginx Content-Type: text/html | clean |
http://toplist.raidrush.ws/ | 200 OK Content-Length: 35562 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: zwei.in <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="de-DE"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta http-equiv="Content-Language" content="de" /> <meta name="description" content="Die Raid-Rush Topliste ist ein kostenloses und ...[4608 bytes skipped]... | ||
http://toplist.raidrush.ws/js/effekt.js | 200 OK Content-Length: 464 Content-Type: application/x-javascript | clean |
http://raidrush.ws/ticker/ticker.js | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 16 Sep 2014 01:33:21 GMT Location: http://www.raidrush.ws/ticker/ticker.js Server: Apache Vary: Accept-Encoding Content-Length: 247 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.raidrush.ws/ticker/ticker.js | 200 OK Content-Length: 2887 Content-Type: application/javascript | clean |
http://ads.raidrush.org/banner.php?w=468&h=60&t=sfw&s=rrws | 200 OK Content-Length: 281 Content-Type: text/html | clean |
http://ads.raidrush.org/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://toplist.raidrush.ws/rand.php?t=js&cid=&lim=1 | 200 OK Content-Length: 518 Content-Type: text/html | clean |
http://toplist.raidrush.ws/out/3748/ | HTTP/1.1 307 Temporary Redirect Connection: close Date: Tue, 16 Sep 2014 01:33:28 GMT Location: http://mlcboard.com Server: nginx Content-Type: text/html | clean |
http://mlcboard.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Tue, 16 Sep 2014 01:33:30 GMT Location: http://mlcboard.com/forum/index.php Server: cloudflare-nginx Content-Type: text/html CF-RAY: 16a950f7f20e0f57-FRA Set-Cookie: __cfduid=d575ce7cdfa4016d45decc4c4497e59461410831210239; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.mlcboard.com; HttpOnly | clean |
http://mlcboard.com/forum/index.php | 200 OK Content-Length: 475 Content-Type: text/html | clean |
http://ads.raidrush.org/banner.php?w=160&h=600&t=sfw&s=rrtop | 200 OK Content-Length: 284 Content-Type: text/html | clean |
http://ads.raidrush.org/c.php?x=0 | HTTP/1.1 307 Temporary Redirect Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Tue, 16 Sep 2014 01:33:29 GMT Location: http://buxflow.com/xref.php?ref=ok&dref=go Server: nginx Content-Type: text/javascript; charset=iso-8859-1 | clean |
http://buxflow.com/xref.php?ref=ok&dref=go | 200 OK Content-Length: 1522 Content-Type: text/javascript | suspicious |
Suspicious code. Script contains iFrame. function set2xcc(url,id) { var ccment = document.getElementById(id); if(id=="img2x"){ccment.src = url;}else{try{ccment.contentWindow.location.replace(url);}catch(e){ccment.src = url;}} return true;}var x2img = "<di"+"v style=\"display:no"+"ne;\"><im"+"g src=\"\" id=\"img2x\" /></d"+"iv>";var x2frame = "<di"+"v st"+"yle=\"display:no"+"ne;\"><ifr"+"ame src=\"\" id=\"f2x\" name=\"f2x\"></ifr"+"ame></d"+"iv>";v ...[1142 bytes skipped]... Decoded script: ...[1372 bytes skipped]... "f2x"); }, 19500 */ function () { set2xcc("http://youspacko.com/com/ad.php?http://www.firstload.de/affiliate/log.php?log=45671", "f2x"); } /*** called setTimeout with function () { set2xcc("http://youspacko.com/com/ad.php?http://www.firstload.de/affiliate/log.php?log=45671", "f2x"); }, 100 */ <div style="display:none;"><img src="" id="img2x" /></div><div style="display:none;"><iframe src="" id="f2x" name="f2x"></iframe></div><div style="display:none;"><iframe src="" id="f3x" name="f3x"></iframe></div><div style="display:none;"><iframe src="" id="f4x" name="f4x"></iframe></div> | ||
http://kinkyamateurtube.com//s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 11138 Content-Type: text/html | suspicious |
Suspicious code found <div id="content"><!--content--> <div class="contentbg"> <div class="contenttop"> <div class="contentbtm"> <div class="postcont" style="width:1020px"><!--postcont--> <div class="entry"><!--entry--> <div class="nopost">Sorry, but you are looking for something that isn't here.</div&g ...[463 bytes skipped]... | ||
http://kinkyamateurtube.com/wp-content/plugins/wp-postratings/postratings-js.js?ver=1.79 | 200 OK Content-Length: 3329 Content-Type: application/x-javascript | clean |
http://kinkyamateurtube.com/category/anal/ | 200 OK Content-Length: 180473 Content-Type: text/html | suspicious |
Suspicious code found <div class="headercont"><!--headercont--> <h1 class="logo"><a href="http://kinkyamateurtube.com" title="Kinky Amateur Tube"> <img src="http://kinkyamateurtube.com/wp-content/uploads/2014/03/Fondo_Banner_Kinky-1220x75_1.jpg" alt="" /> </a> ...[1869 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kinkyamateurtube.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 16 Sep 2014 01:33:27 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Pingback: http://kinkyamateurtube.com/xmlrpc.php
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: kinkyamateurtube.com
Referer: http://www.google.com/search?q=kinkyamateurtube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kinkyamateurtube.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kinkyamateurtube.com/
Result: kinkyamateurtube.com is not infected or malware details are not published yet.