Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=retrotube.in
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://retrotube.in/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: roadgritting.co.uk
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 14 Jan 2015 05:57:41 GMT
Location: http://www.roadgritting.co.uk/
Server: Apache
Content-Length: 0
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.roadgritting.co.uk/xmlrpc.php
X-Powered-By: PHP/5.2.17
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: roadgritting.co.uk
Referer: http://www.google.com/search?q=roadgritting.co.uk
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://retrotube.in/ | 200 OK Content-Length: 238929 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: maturedtube.com <div class="title_bl"><h2>More Retro Tube Videos on:</h2></div> <div class="clear"></div> <!--top free start--><!--top free start--> <table width="994" border="0" cellpadding="0" cellspacing="0" class="ot"> <tr> <td height="50" colspan="2" align="center"> <table border=0 cellpadding=0 cellspacing=0 class="top topc"> <tr>< ...[4706 bytes skipped]... | ||
http://retrotube.in/jsa/xD9tRayPtJwk.js | 200 OK Content-Length: 69 Content-Type: application/x-javascript | clean |
http://retrotube.in/cgi-bin/at3/out.cgi?id=90&trade=http://yourtube.xxx/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 06:32:32 GMT Location: http://yourtube.xxx/ Server: nginx/1.6.1 Set-Cookie: atexc=90,$#; path=/; | clean |
http://yourtube.xxx/ | 200 OK Content-Length: 220727 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.xnxxhdsex.com ...[209 bytes skipped]... table width="994" border="0" cellpadding="0" cellspacing="0" class="ot"> <tr> <td height="50" colspan="2" align="center"> <table border=0 cellpadding=0 cellspacing=0 class="top topc"> <tr><td align="center" valign="top" width="245"> <table border=0><tr><td align=left> <span>01.</span><a href="/cgi-bin/at3/out.cgi?id=856&trade=http://www.xnxxhdsex.com/">XNXX HD sex</a><br> <span>02.</span><a href="/cgi-bin/at3/out.cgi?id=699&trade=http://maturedtube.com">Mature XXX Tube</a><br> <span>03.</span><a href="/cgi-bin/at3/out.cgi?id=1001&trade=http://www.69xxxtube.com/">69 XXX Tube</a><br> <span>04.</span><a href="/cgi-bin/at3/out.cgi?id=675&trade=http://www.24x7tube.com/">24x7 porn tube</a><br> &l ...[4067 bytes skipped]... | ||
http://yourtube.xxx/jsa/lsmALtxoCVHe.js | 200 OK Content-Length: 68 Content-Type: application/x-javascript | clean |
http://retrotube.in/cgi-bin/at3/out.cgi?id=856&trade=http://www.xnxxhdsex.com/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 21 Sep 2014 06:32:40 GMT Location: http://www.xnxxhdsex.com/ Server: nginx/1.6.1 Set-Cookie: atexc=856,$#; path=/; | malicious |
http://www.xnxxhdsex.com/ | 200 OK Content-Length: 167319 Content-Type: text/html | clean |
http://www.xnxxhdsex.com//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js/ | 404 Not Found Content-Length: 14728 Content-Type: text/html | clean |
http://html5shim.googlecode.com/svn/trunk/html5.js | 200 OK Content-Length: 2429 Content-Type: text/javascript | clean |
http://www.xnxxhdsex.com/templates/xnxx/assets/js/common.mini.js | 200 OK Content-Length: 702 Content-Type: application/x-javascript | clean |
http://www.xnxxhdsex.com//s7.addthis.com/js/300/addthis_widget.js/ | 404 Not Found Content-Length: 14728 Content-Type: text/html | clean |
http://www.xnxxhdsex.com/latest/ | 200 OK Content-Length: 270868 Content-Type: text/html | clean |
http://www.xnxxhdsex.com/longest/ | 200 OK Content-Length: 249107 Content-Type: text/html | clean |
http://www.xnxxhdsex.com/popular/ | 200 OK Content-Length: 263939 Content-Type: text/html | clean |
http://www.xnxxhdsex.com/ftt2/o.php?u=http://beeg.com/1044226?i=lucky7 | HTTP/1.1 302 Found Cache-Control: no-store, no-cache, must-revalidate Connection: close Date: Sun, 21 Sep 2014 06:32:44 GMT Pragma: no-cache Location: http://beeg.com/1044226?i=lucky7 Server: nginx Content-Length: 0 Content-Type: text/html Set-Cookie: ftt2=YTo1OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtzOjE6IjAiO3M6MToicyI7czo1OiJub3JlZiI7czoxOiJ2IjthOjA6e31zOjI6ImNjIjtpOjE7fQ%3D%3D; expires=Mon, 22-Sep-2014 06:32:44 GMT; path=/; domain=.xnxxhdsex.com | clean |
http://beeg.com/1044226?i=lucky7 | HTTP/1.1 301 Moved Permanently Connection: close Date: Sun, 21 Sep 2014 06:33:11 GMT Location: http://beeg.com/1044226 Server: nginx/1.6.1 Content-Length: 184 Content-Type: text/html Set-Cookie: seller_id=lucky7;domain=beeg.com;Max-Age=1800 | clean |
http://beeg.com/1044226 | 200 OK Content-Length: 27377 Content-Type: text/html | clean |
http://beeg.com//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/ | HTTP/1.1 404 Not Found Connection: close Date: Sun, 21 Sep 2014 06:33:12 GMT Server: nginx/1.6.1 Vary: Accept-Encoding Content-Type: text/html Set-Cookie: uniqid=twHoo0h; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: firsttime=1411281192; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: firsttimeref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=beeg.com Set-Cookie: lasttime=1411281192; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: pageview=1; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: geo=LT; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: mob=0; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com Set-Cookie: mob=0; expires=Wed, 16-Sep-2015 06:33:12 GMT; path=/; domain=beeg.com X-ALL-KEY: beeg.com-main_-//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js/-mainEUhttp X-Powered-By: PHP/5.4.5 | clean |
http://beeg.com/ | 200 OK Content-Length: 45448 Content-Type: text/html | clean |
http://beeg.com//staticloads.com/js/global.js?v=2013.09.27/ | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |