Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sextropa.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: settline.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Dec 2014 19:53:09 GMT
Accept-Ranges: bytes
ETag: "53562619-264"
Server: nginx
Content-Length: 612
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 22 Apr 2014 08:19:37 GMT
...612 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: settline.com
Referer: http://www.google.com/search?q=settline.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.sextropa.com/ | 200 OK Content-Length: 19431 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: seksshara.net <html>
<head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> <title>Секс Тропа - Бесплатное порно видео</title> <base target="_blank"> <style type="text/css"> .top1{ color:#FFFFFF; font-weight:bold; font-size:18pt; } .top2 { border: 1px solid #4949CC;background-color:#5F5FFF; } .tn:link{ color:#FCFF00; font-weight:bo ...[4499 bytes skipped]... | ||
http://mobapeople.com/60gzd6bhtlo5xnq3y1qz3088m8t0x0nwh69406kw4 | 200 OK Content-Length: 7974 Content-Type: text/javascript | clean |
http://www.sextropa.com/gallery.php?l=r.0.0.0.163005 | HTTP/1.1 302 Found Connection: close Date: Wed, 27 Aug 2014 02:42:29 GMT Location: http://seksshara.net/?id=sextropa.com Server: Apache/2.2.23 (CentOS) Content-Length: 0 Content-Type: text/html; charset=WINDOWS-1251 Set-Cookie: v=60; expires=Thu, 28-Aug-2014 02:42:29 GMT Set-Cookie: lv=60; expires=Thu, 28-Aug-2014 02:42:29 GMT Set-Cookie: c=1; expires=Thu, 28-Aug-2014 02:42:29 GMT Set-Cookie: rc=1 X-Powered-By: PHP/5.2.17 | malicious |
http://seksshara.net/?id=sextropa.com | 200 OK Content-Length: 19368 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: sextropa.com <html>
<head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> <title>Секс Шара - Бесплатное порно видео</title> <base target="_blank"> <style type="text/css"> .top1{ color:#C19D30; font-weight:bold; font-size:18pt; } .top2 { border: 1px solid #484848;background-color:#0F073A; } .tn:link{ color:#FF850D; font-weight:bol ...[4499 bytes skipped]... | ||
http://seksshara.net/gallery.php?l=r.0.0.0.150410 | HTTP/1.1 302 Found Connection: close Date: Wed, 27 Aug 2014 02:42:32 GMT Location: http://adulttube.ws/?seksshara.net Server: Apache/2.2.23 (CentOS) Content-Length: 0 Content-Type: text/html; charset=WINDOWS-1251 Set-Cookie: v=181; expires=Thu, 28-Aug-2014 02:42:32 GMT Set-Cookie: lv=181; expires=Thu, 28-Aug-2014 02:42:32 GMT Set-Cookie: c=1; expires=Thu, 28-Aug-2014 02:42:32 GMT Set-Cookie: rc=1 X-Powered-By: PHP/5.2.17 | clean |
http://adulttube.ws/?seksshara.net | 200 OK Content-Length: 49645 Content-Type: text/html | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 6875 Content-Type: text/javascript | clean |
http://visitweb.com/v/76748 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 27 Aug 2014 02:42:33 GMT Location: http://v.gfhdkse.com/v?bid=76748 Server: nginx Content-Length: 154 Content-Type: text/html | clean |
http://v.gfhdkse.com/v?bid=76748 | 200 OK Content-Length: 61579 Content-Type: text/javascript | clean |
http://seksshara.net/471.shtml | 404 Not Found Content-Length: 286 Content-Type: text/html | clean |
http://seksshara.net/test404page.js | 404 Not Found Content-Length: 291 Content-Type: text/html | clean |
http://seksshara.net/../18_USC_2257.php | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
http://www.sextropa.com/gallery.php?l=r.0.1.0.130267 | HTTP/1.1 302 Found Connection: close Date: Wed, 27 Aug 2014 02:42:34 GMT Location: http://pornonasos.tv Server: Apache/2.2.23 (CentOS) Content-Length: 0 Content-Type: text/html; charset=WINDOWS-1251 Set-Cookie: v=29; expires=Thu, 28-Aug-2014 02:42:34 GMT Set-Cookie: lv=29; expires=Thu, 28-Aug-2014 02:42:34 GMT Set-Cookie: c=1; expires=Thu, 28-Aug-2014 02:42:34 GMT Set-Cookie: rc=1 X-Powered-By: PHP/5.2.17 | clean |
http://pornonasos.tv/ | 200 OK Content-Length: 43867 Content-Type: text/html | clean |
http://s7.addthis.com/js/152/addthis_widget.js | 200 OK Content-Length: 7921 Content-Type: text/javascript | clean |
http://rtbweb.com/static/bc.js?p=215152&b=498550 | 200 OK Content-Length: 24667 Content-Type: application/javascript | clean |
http://www.sextropa.com/?p=nextpage | 200 OK Content-Length: 19431 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: seksshara.net <html>
<head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251"> <title>Секс Тропа - Бесплатное порно видео</title> <base target="_blank"> <style type="text/css"> .top1{ color:#FFFFFF; font-weight:bold; font-size:18pt; } .top2 { border: 1px solid #4949CC;background-color:#5F5FFF; } .tn:link{ color:#FCFF00; font-weight:bo ...[4499 bytes skipped]... | ||
http://www.sextropa.com/gallery.php?l=r.0.0.0.163027 | HTTP/1.1 302 Found Connection: close Date: Wed, 27 Aug 2014 02:42:38 GMT Location: http://pupok.in Server: Apache/2.2.23 (CentOS) Content-Length: 0 Content-Type: text/html; charset=WINDOWS-1251 Set-Cookie: v=31; expires=Thu, 28-Aug-2014 02:42:38 GMT Set-Cookie: lv=31; expires=Thu, 28-Aug-2014 02:42:38 GMT Set-Cookie: c=1; expires=Thu, 28-Aug-2014 02:42:38 GMT Set-Cookie: rc=1 X-Powered-By: PHP/5.2.17 | clean |
http://pupok.in/ | 200 OK Content-Length: 34448 Content-Type: text/html | suspicious |
Suspicious code found <!-- FTT2 -->
<script type='text/javascript'> document.cookie='ftt2=YTo2OntzOjI6ImlwIjtpOjEzMTg5ODA1Nzg7czoxOiJmIjtpOjA7czoxOiJzIjtzOjU6Im5vcmVmIjtzOjE6InYiO2E6MDp7fXM6MjoiY2MiO2k6MDtzOjI6ImluIjtpOjE7fQ==; expires=Wednesday, 27-Aug-14 22:42:38 UTC; domain=.pupok.in; path=/'; var ftt_check = new Image(); var ftt_random=Math.floor(Math.random()*1000000); ftt_check.src='http://pupok.in/ftt2/check.php?t=1409107358&check=99159bd35de7c8660c351cd1e3c72d09&rand='+ftt_random; </script> | ||
http://urlrtb.com/static/bc.js?p=215151&b=498219 | 200 OK Content-Length: 24667 Content-Type: application/javascript | clean |