Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=teddy-sex.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://teddy-sex.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://teddy-sex.com/ | 200 OK Content-Length: 29109 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: px.pornorio.com ...[1084 bytes skipped]... <meta name="ero_verify" content="fe6763aa0433b3500bb4abb31dbb777f" /> <link rel="stylesheet" href="/media/css/main.css" type="text/css" media="screen" /> <script type="text/javascript" src="http://s1x.slimtrade.com/s3108.js"></script> <script type="text/javascript" src="/media/js/global.js"></script> <script type="text/javascript" src="http://px.pornorio.com/paref.js?s=3108"></script> <script type="text/javascript">var STRADE_ID=3108;var STRADE_GALLERY=50;var SRADE_OUT;var stLinkNoFollow=true;var stNewWindow=true;</script> </head> <body onunload="anti();"> <div id="wrapper_aussen"> <div id="wrapper"> <h1 id="site_title">Teddysex die Porno Seite für die besten Teen Pornos</h1> <div id="header ...[2610 bytes skipped]... | ||
http://s1x.slimtrade.com/s3108.js | 200 OK Content-Length: 8214 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: glamourfick.com eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('e p=y O("3q 1w (19)","3r 1w (5)","1A.j (5)","3p 3o (2)","3l 1F (1)","3m 1S (0)","3n 1F (0)","3s 1S (0)","3t 3z (0)","3A 3y (0)");e x=y O("i://3x-1C.j","i://3u-1C.j","i://1A.j","i://3v.j","i://3w-1E.j","i://3k-1J.1M","i://3j-1E.1M","i://2Y- ...[3574 bytes skipped]... Decoded script: var stTrName=new Array("Tube8 Italiano (19)","Youjizz Italiano (5)","glamourfick.com (5)","Fruehreife Teenfotzen (2)","Mehrsprachige Pornos (1)","Natursekt Porno (0)","Vagosex Pornos (0)","Xtube Porno (0)","Xvideo Deutsch (0)","Blowjob Arena (0)");var stTrUrl=new Array("http://tube8-italiano.com","http://youjizz-italiano.com","http://glamourfick.com","http://fruehreif.com","http://mehrsprachige-pornos.com","http://natursekt-porno.net","http://vagosex-pornos.net","http://xtube-porno.com","http://xvideo-deutsch.com","http: ...[15208 bytes skipped]... | ||
http://teddy-sex.com/media/js/global.js | 200 OK Content-Length: 107423 Content-Type: application/javascript | clean |
http://px.pornorio.com/paref.js?s=3108 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://px.pornorio.com/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://spaces.slimspots.com/slimspace/185.js | 200 OK Content-Length: 1340 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/210988.js | 200 OK Content-Length: 1292 Content-Type: application/javascript | clean |
http://spaces.slimspots.com/slimspace/356.js | 200 OK Content-Length: 44 Content-Type: text/html | clean |
http://spaces.slimspots.com/slimspace/187.js | 200 OK Content-Length: 2904 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: teddy-sex.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 03:27:30 GMT
Pragma: no-cache
Server: lighttpd/1.4.31
Content-Type: text/html
Expires: Tue, 21 Oct 2014 03:27:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=odv8qk1fj97e5dpbcuibrb9tu3; path=/
Set-Cookie: ck=1; expires=Wed, 16-Sep-2015 03:27:30 GMT; path=/; domain=teddy-sex.com
X-Powered-By: PHP/5.4.4-14
GET / HTTP/1.1
Host: teddy-sex.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 03:27:30 GMT
Pragma: no-cache
Server: lighttpd/1.4.31
Content-Type: text/html
Expires: Tue, 21 Oct 2014 03:27:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=odv8qk1fj97e5dpbcuibrb9tu3; path=/
Set-Cookie: ck=1; expires=Wed, 16-Sep-2015 03:27:30 GMT; path=/; domain=teddy-sex.com
X-Powered-By: PHP/5.4.4-14
Second query (visit from search engine):
GET / HTTP/1.1
Host: teddy-sex.com
Referer: http://www.google.com/search?q=teddy-sex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: teddy-sex.com
Referer: http://www.google.com/search?q=teddy-sex.com
Result:
The result is similar to the first query. There are no suspicious redirects found.