Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=petite-virgin-teens.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://petite-virgin-teens.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: joojin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 12:44:54 GMT
Server: apache
Content-Type: text/html
X-Powered-By: PHP/4.3.1
GET / HTTP/1.1
Host: joojin.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 26 Dec 2014 12:44:54 GMT
Server: apache
Content-Type: text/html
X-Powered-By: PHP/4.3.1
Second query (visit from search engine):
GET / HTTP/1.1
Host: joojin.com
Referer: http://www.google.com/search?q=joojin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: joojin.com
Referer: http://www.google.com/search?q=joojin.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://petite-virgin-teens.net/ | 200 OK Content-Length: 14350 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: lolataboo.com <html> <head> <title>Petite Virgin Teens</title> <link rel="canonical" href="http://petite-virgin-teens.net/"> <script type="text/javascript" src="http://ads.juicyads.com/jsclients/jam_min.js"></script> <script type="text/javascript">window.onload=check_mobile(4017,8378)</script> <meta name="norton-safeweb-site-verification" content="12-1jb8efz6zl6zhkxc9mz5padod-kf09dvtmh ...[4972 bytes skipped]... | ||
http://ads.juicyads.com/jsclients/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://petite-virgin-teens.net/out.php?link=freegallery01 | HTTP/1.1 302 Found Connection: close Date: Thu, 11 Sep 2014 11:52:41 GMT Location: http://www.younglittlegirlies.com/ Server: Apache/2.2.25 (Unix) PHP/5.2.17 Content-Length: 0 Content-Type: text/html Set-Cookie: proton=MXwxfDE0MTA0MzYzNjF8MTQxMDQzNjM2MXwxO3lvdW5nbGl0dGxlZ2lybGllcy5jb20%3D; expires=Fri, 12-Sep-2014 11:52:41 GMT; path=/ Set-Cookie: ca=younglittlegirlies.com X-Powered-By: PHP/5.2.17 | clean |
http://www.younglittlegirlies.com/ | 200 OK Content-Length: 89045 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: lilholes.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="prVerify" content="1eb72b14f08064e6355fd68b2999d936" /> <title>:::::::: welcome to YLG +18yo ::::::::</title> <style type="tex ...[4443 bytes skipped]... | ||
http://mobile.plugrush.com/younglittlegirlies.com/52hv/52hv.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://mobile.plugrush.com/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://static.awempire.com/Scripts/AC_RunActiveContent.js | 200 OK Content-Length: 3359 Content-Type: text/javascript | clean |
http://petite-virgin-teens.net/out.php?link=freegallery02 | HTTP/1.1 302 Found Connection: close Date: Thu, 11 Sep 2014 11:52:44 GMT Location: http://nudistgirls.net/in.php?id=pvteens Server: Apache/2.2.25 (Unix) PHP/5.2.17 Content-Length: 0 Content-Type: text/html Set-Cookie: proton=MXwxfDE0MTA0MzYzNjR8MTQxMDQzNjM2NHwxO251ZGlzdGdpcmxzLm5ldA%3D%3D; expires=Fri, 12-Sep-2014 11:52:44 GMT; path=/ Set-Cookie: ca=nudistgirls.net X-Powered-By: PHP/5.2.17 | clean |
http://nudistgirls.net/in.php?id=pvteens | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:44 GMT Location: http://nudistgirls.net/index.php?pvteens Server: Apache Content-Length: 0 Content-Type: text/html Set-Cookie: Username=pvteens; expires=Thu, 11-Sep-2014 11:54:44 GMT; path=/ Set-Cookie: Session=6d40d655230649993d12dc680b102603; expires=Thu, 11-Sep-2014 11:54:44 GMT; path=/ Set-Cookie: Time=1410436364.81; expires=Thu, 11-Sep-2014 11:54:44 GMT; path=/ X-Powered-By: PHP/5.3.28 | clean |
http://nudistgirls.net/index.php?pvteens | 200 OK Content-Length: 52074 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nudistteen.net ...[1414 bytes skipped]... family: Verdana, Arial, Helvetica, sans-serif; font-size: 18px; color: #06789E; text-decoration: none; } .style1 a:hover { color: red } --> </style></head> <BODY BACKGROUND="" BGCOLOR="#EEEDC1" TEXT="#505050" LINK="#0000FF" VLINK="#0000FF" ALINK="#0000FF"> <center> <!-- <a href="http://nudistgirls.net/out.php?id=free&url=http%3A%2F%2Fnudistteen.net%2Fse.php" target="_blank"> <img src="http://nudistteen.net/links/se_1.jpg" alt="" width="800" height="196" border="1"><br></a> <br>--> <div class=layer1><font face="Arial" color="#646464">Nudist Girls</font></div> <div class=layer2><font face="Arial" color="White">Nudist Girls</font></div> <div class=layer3><font face="Arial" color="#C9C9C9">Nudist Girls</font></di ...[2524 bytes skipped]... | ||
http://nudistgirls.net/out.php?id=ts18&url=http%3A%2F%2Fgo.trafficshop.com%2Fab194cdb%2F%3Fbu%3Dhttp%3A%2F%2Fnudistgirls.net%2Ftop.php | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:46 GMT Location: http://go.trafficshop.com/ab194cdb/?bu=http://nudistgirls.net/top.php Server: Apache Content-Length: 0 Content-Type: text/html X-Pad: avoid browser bug X-Powered-By: PHP/5.3.28 | malicious |
http://go.trafficshop.com/ab194cdb/?bu=http://nudistgirls.net/top.php | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate Connection: close Date: Thu, 11 Sep 2014 11:52:46 GMT Pragma: no-cache Location: http://go.trafficshop.com/outz/?hash=a34aea64d793555fdf27572da2ec7bbf&js=1 Server: nginx Content-Type: text/html Expires: Sun, 1 Jan 2012 00:00:01 GMT Set-Cookie: u=NEN1S1FVX5Jpmmymrre8ipec06eo47nxw8bW3RDj6CL7%2BgQFEBohHicqLzk%2BR0pTWWNfb2s%3D; expires=Fri, 11-Sep-2015 11:52:46 GMT; path=/; domain=.trafficshop.com Set-Cookie: c=NENASUxRW2BpbHV7hYKRjZGZnaWpsbW9wcnN1dnh5e3x%2Bf0FCREVHSEqLTU5QUVNUVldZWlxdX2BiY2VmaE%3D; expires=Fri, 11-Sep-2015 11:52:46 GMT; path=/; domain=.trafficshop.com Set-Cookie: hello=bye; path=/; domain=go.trafficshop.com X-Frame-Options: DENY | clean |
http://go.trafficshop.com/outz/?hash=a34aea64d793555fdf27572da2ec7bbf&js=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:46 GMT Location: http://nudistgirls.net/top.php Server: nginx Content-Type: text/html X-Frame-Options: DENY | clean |
http://nudistgirls.net/top.php | 200 OK Content-Length: 7313 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: petite-virgin-teens.net ...[2024 bytes skipped]... rial, Helvetica, sans-serif; color: #e0e0e0; font-size: 11px; } </style> <script type='text/javascript'> function navigateWithReferrer(url) { var fakeLink = document.createElement('a'); if (typeof(fakeLink.click) == 'undefined') location.style1"> <a href="http://nudistgirls.net/out.php?id=pvteens&url=http%3A%2F%2Fpetite-virgin-teens.net%2F" target="_blank"><b>Petite Virgin Teens</b></a><br>Free links to a lot of real 18yo petite girls</td> <!--<td align="right" class="style3">40/88</td>--> </tr> <tr valign="top"> <td class="style3">352.</td> <td align="left" class="style1"> <a href="http://nudistgirls.net/out.php?id=purenud&url=http%3A%2F%2Fpure-nudist.com" target="_blank"><b>Pure Young Nu ...[2118 bytes skipped]... | ||
http://nudistgirls.net/out.php?id=myjsis&url=http%3A%2F%2Fmy-junior-sister.net%2F | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:47 GMT Location: http://my-junior-sister.net/ Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://my-junior-sister.net/ | 200 OK Content-Length: 42780 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: i11egalpussy.com <html>
<head> <TITLE>Spying on my sister</TITLE> <link rel="stylesheet" type="text/css" href="style.css" /> </style> <base target="_blank"> <script language="javascript" type="text/javascript"> <!-- document.cookie='proton=MXwwfDE0MTA0MzYzNjh8MTQxMDQzNjM2OHwwO25vcmVmX2lu; expires=Fri, 12 Sep 2014 11:52:48 GMT; path=/;'; document.cookie='fav=1410436368; expires= ...[5057 bytes skipped]... | ||
http://mobile.juicyads.com/js/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
http://xapi.juicyads.com/js/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://nudistgirls.net/out.php?link=young_daisy | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:49 GMT Location: http://nudistgirls.net/index.php Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | clean |
http://nudistgirls.net/index.php | 200 OK Content-Length: 52074 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nudistteen.net ...[1414 bytes skipped]... family: Verdana, Arial, Helvetica, sans-serif; font-size: 18px; color: #06789E; text-decoration: none; } .style1 a:hover { color: red } --> </style></head> <BODY BACKGROUND="" BGCOLOR="#EEEDC1" TEXT="#505050" LINK="#0000FF" VLINK="#0000FF" ALINK="#0000FF"> <center> <!-- <a href="http://nudistgirls.net/out.php?id=free&url=http%3A%2F%2Fnudistteen.net%2Fse.php" target="_blank"> <img src="http://nudistteen.net/links/se_1.jpg" alt="" width="800" height="196" border="1"><br></a> <br>--> <div class=layer1><font face="Arial" color="#646464">Nudist Girls</font></div> <div class=layer2><font face="Arial" color="White">Nudist Girls</font></div> <div class=layer3><font face="Arial" color="#C9C9C9">Nudist Girls</font></di ...[2524 bytes skipped]... | ||
http://nudistgirls.net/out.php?id=ts02&url=http%3A%2F%2Fgo.trafficshop.com%2Fab194cdb%2F%3Fbu%3Dhttp%3A%2F%2Fnudistgirls.net%2Ftop.php | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:51 GMT Location: http://go.trafficshop.com/ab194cdb/?bu=http://nudistgirls.net/top.php Server: Apache Content-Length: 0 Content-Type: text/html X-Pad: avoid browser bug X-Powered-By: PHP/5.3.28 | malicious |
http://nudistgirls.net/out.php?id=avatraff&url=http%3A%2F%2Fgo.trafficshop.com%2Fab194cdb%2F%3Fbu%3Dhttp%3A%2F%2Fnudistgirls.net%2Ftop.php | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:51 GMT Location: http://go.trafficshop.com/ab194cdb/?bu=http://nudistgirls.net/top.php Server: Apache Content-Length: 0 Content-Type: text/html X-Pad: avoid browser bug X-Powered-By: PHP/5.3.28 | malicious |
http://nudistgirls.net/out.php?id=nudism&url=http%3A%2F%2Fnudistteen.net%2Fsites.php%3Fng | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 11 Sep 2014 11:52:51 GMT Location: http://nudistteen.net/sites.php?ng Server: Apache Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.28 | malicious |
http://nudistteen.net/sites.php?ng | 200 OK Content-Length: 38370 Content-Type: text/html | clean |