Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=privatepornfilms.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://privatepornfilms.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thewritersgroup.com.au
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 12:10:03 GMT
Age: 0
Vary: Accept-Encoding, User-Agent
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=ss3gl85plm8nbhb46kb55us2p6; path=/
X-Backend: wpaas_web_133
X-Cache: cached
X-Cacheable: NO:Not Cacheable
X-Pingback: http://thewritersgroup.com.au/xmlrpc.php
X-Port: port_10732
Second query (visit from search engine):
GET / HTTP/1.1
Host: thewritersgroup.com.au
Referer: http://www.google.com/search?q=thewritersgroup.com.au
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://privatepornfilms.com/ | 200 OK Content-Length: 204235 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.streamsexclips.com ...[388 bytes skipped]... lt;td align="center" valign="top" width="245"> <table border=0><tr><td align=left> <span>00.</span><a href="http://www.freefuckvidz.com">Free Porn</a><br> <span>01.</span><a href="/cgi-bin/a2/out.cgi?id=318&u=http://www.x-ho.com/">X-Ho Porn Hoes</a><br> <span>02.</span><a href="/cgi-bin/a2/out.cgi?id=185&u=http://www.streamsexclips.com/">Stream Sex Clips</a><br> <span>03.</span><a href="/cgi-bin/a2/out.cgi?id=460&u=http://video-one.com">Video One</a><br> <span>04.</span><a href="/cgi-bin/a2/out.cgi?id=513&u=http://www.bat9.com">Bat 9</a><br> <span>05.</span><a href="/cgi-bin/a2/out.cgi?id=294&u=http://www.smashmoms.com/">Smash Moms</a><br> <span>06.</span><a ...[3966 bytes skipped]... | ||
http://privatepornfilms.com/jsa/CNbAyPKzKD72.js | 200 OK Content-Length: 78 Content-Type: application/x-javascript | clean |
http://privatepornfilms.com/cgi-bin/a2/out.cgi?id=318&u=http://www.x-ho.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:24 GMT Location: http://www.x-ho.com/ Server: nginx/1.6.1 | clean |
http://www.x-ho.com/ | 200 OK Content-Length: 31621 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: gfporntube.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html lang="en-us" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-us"> <head> <meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type"/> <meta name="Keywords" content="videos, porno, Hardcore, Big Ass, Blowjob, Anal, Redhead, Brunette, Blonde, Interracial, Cums ...[4280 bytes skipped]... | ||
http://www.x-ho.com/medias/jquery-1.3.2.min.js | 200 OK Content-Length: 57254 Content-Type: application/x-javascript | clean |
http://privatepornfilms.com/medias/slideshow.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:25 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://41tube.com/redir.html | 200 OK Content-Length: 344 Content-Type: text/html | clean |
http://41tube.com/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:25 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://privatepornfilms.com/medias/links.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:25 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://privatepornfilms.com/medias/keywords.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:26 GMT Location: http://41tube.com/redir.html Server: nginx/1.6.1 Content-Length: 160 Content-Type: text/html | clean |
http://privatepornfilms.com/cgi-bin/a2/out.cgi?id=185&u=http://www.streamsexclips.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:26 GMT Location: http://www.streamsexclips.com/ Server: nginx/1.6.1 | malicious |
http://www.streamsexclips.com/ | 200 OK Content-Length: 244066 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: gustoporntube.com </div> <form action="/" class="s_search"> <input type="text" class="s_input" name="search" id="keywords" placeholder="Search ..." autocomplete="off"/> <input type="hidden" name="order" value="ctr" /> <input type="image" class="s_submit" src="/images/s_but.png" name="action" value="Search" /> <ul id="suggestion" name="suggestion" onClick="stopBlur();"/> &l ...[4813 bytes skipped]... | ||
http://syndication.exoclick.com/ads.php?type=300x250&login=vids&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=242160&idsite=96412 | 200 OK Content-Length: 640 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=vids&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=242162&idsite=96412 | 200 OK Content-Length: 640 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=vids&cat=2&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=&text_only=0&show_thumb=&idzone=242164&idsite=96412 | 200 OK Content-Length: 640 Content-Type: text/javascript | clean |
http://ads.adxpansion.com/public/js/showads.php?zone_id=133874&ver=1 | 200 OK Content-Length: 2762 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/splash.php?cat=2&idsite=96412&idzone=178813&login=vids&type=4 | 200 OK Content-Length: 4207 Content-Type: text/html | clean |
http://privatepornfilms.com/cgi-bin/a2/out.cgi?id=460&u=http://video-one.com | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 17 Sep 2014 21:41:27 GMT Location: http://video-one.com Server: nginx/1.6.1 | clean |
http://video-one.com/ | 200 OK Content-Length: 223293 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: xhamsterhq.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta name="redtube-domain-validation" content="8f60a1833c501ac6" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>Video One - fr ...[4285 bytes skipped]... | ||
http://m.8-d.com/prein | 200 OK Content-Length: 16 Content-Type: text/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.js | 200 OK Content-Length: 163855 Content-Type: text/javascript | clean |
http://static.8-d.com/js/ajaxsearch.js | 200 OK Content-Length: 1423 Content-Type: application/x-javascript | clean |