Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sexfreeway.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sexfreeway.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://sexfreeway.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 16:11:24 GMT Location: http://www.sexfreeway.com/ Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.sexfreeway.com/ | 200 OK Content-Length: 36663 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Sex Freeway - Index</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <link rel="dns ...[4128 bytes skipped]... | ||
http://static.nowgoo.com/blazy.min.js | 200 OK Content-Length: 3064 Content-Type: application/x-javascript | clean |
http://s1.slimtrade.com/s6616.js | 200 OK Content-Length: 8856 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: www.nowgoo.com eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('e u=B 1a("2w 2y (23)","2Z q (14)","2W q (14)","q 2N (5)","T 2U (5)","T 2T (4)","q 2R (1)","q 3f (1)","q 3d (0)","q 2G (0)","T 2v (0)");e z=B 1a("g://k.2u.f","g://k.2t.f","g://k.2q.f","g://k.2r.f","g://k.2s.f","g://k.2z.f","g://k.2F.f","g:/ ...[3574 bytes skipped]... Decoded script: var stTrName=new Array("now Goo (23)","Anon Porn (14)","Loco Porn (14)","Porn Myths (5)","Sex Rope (5)","Sex Nuke (4)","Porn Boner (1)","Porn Troika (1)","Porn Chili (0)","Porn Vortex (0)","Sex Dust (0)");var stTrUrl=new Array("http://www.nowgoo.com","http://www.anonporn.com","http://www.locoporn.com","http://www.pornmyths.com","http://www.sexrope.com","http://www.sexnuke.com","http://www.pornboner.com","http://www.porntroika.com","http://www.pornchili.com","http://www.pornvortex.com","http://www.sexdust.com");var stTrValues=new Array("11,87,73","17,66,55","41,52,34","42,59,23","23,34,16","14,42,16","12,43,16","4,15,11","4,21,8","4,18,7","1,8,6","12,28,6","1,15,3","3,10,2","2,15,2"," ...[16534 bytes skipped]... | ||
http://adspaces.ero-advertising.com/adspace/301959.js | 200 OK Content-Length: 1547 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/302020.js | 200 OK Content-Length: 18589 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/302019.js | 200 OK Content-Length: 2431 Content-Type: application/javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://sexfreeway.com/Teens/c2/p1/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 16:11:28 GMT Location: http://www.sexfreeway.com/Teens/c2/p1/ Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.sexfreeway.com/teens/c2/p1/ | 200 OK Content-Length: 144020 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>teens - Page 1</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/teens/c2/p1/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <l ...[4233 bytes skipped]... | ||
http://adspaces.ero-advertising.com/adspace/301958.js | 200 OK Content-Length: 1548 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/301957.js | 200 OK Content-Length: 1558 Content-Type: application/javascript | clean |
http://sexfreeway.com/teens/c2/p1/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 16:11:30 GMT Location: http://www.sexfreeway.com/teens/c2/p1/ Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.sexfreeway.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://sexfreeway.com/teens/c2/p2/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 18 Sep 2014 16:11:31 GMT Location: http://www.sexfreeway.com/teens/c2/p2/ Server: nginx Content-Length: 178 Content-Type: text/html | clean |
http://www.sexfreeway.com/teens/c2/p2/ | 200 OK Content-Length: 144258 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>teens - Page 2</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/teens/c2/p2/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <l ...[4239 bytes skipped]... | ||
http://www.sexfreeway.com/teens/c2/p3/ | 200 OK Content-Length: 144999 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>teens - Page 3</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/teens/c2/p3/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <l ...[4239 bytes skipped]... | ||
http://www.sexfreeway.com/teens/c2/p4/ | 200 OK Content-Length: 144329 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>teens - Page 4</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/teens/c2/p4/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <l ...[4239 bytes skipped]... | ||
http://www.sexfreeway.com/teens/c2/p5/ | 200 OK Content-Length: 142831 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: static.nowgoo.com <!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>teens - Page 5</title> <meta name="description" content=""> <link rel="stylesheet" href="http://static.nowgoo.com/sexfreeway.com/style.css"> <link rel="canonical" href="http://www.sexfreeway.com/teens/c2/p5/"> <link rel="dns-prefetch" href="//et0.xhamster.com/"> <link rel="dns-prefetch" href="//et1.xhamster.com/"> <link rel="dns-prefetch" href="//et2.xhamster.com/"> <link rel="dns-prefetch" href="//et3.xhamster.com/"> <link rel="dns-prefetch" href="//et4.xhamster.com/"> <l ...[4239 bytes skipped]... |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sexfreeway.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Sep 2014 16:11:24 GMT
Location: http://www.sexfreeway.com/
Server: nginx
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
GET / HTTP/1.1
Host: sexfreeway.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 18 Sep 2014 16:11:24 GMT
Location: http://www.sexfreeway.com/
Server: nginx
Content-Length: 178
Content-Type: text/html
...178 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: sexfreeway.com
Referer: http://www.google.com/search?q=sexfreeway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: sexfreeway.com
Referer: http://www.google.com/search?q=sexfreeway.com
Result:
The result is similar to the first query. There are no suspicious redirects found.