New scan:

Malware Scanner report for tour.hellfiresex.com

Malicious/Suspicious/Total urls checked
0/0/21
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tour.hellfiresex.com

Result:
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Connection: close
Date: Fri, 03 Oct 2014 20:21:43 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 31 Dec 2037 23:55:55 GMT
X-Powered-By: PHP/5.3.8-pl0-gentoo
Second query (visit from search engine):
GET / HTTP/1.1
Host: tour.hellfiresex.com
Referer: http://www.google.com/search?q=tour.hellfiresex.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Scanned pages/files

RequestServer responseStatus
http://tour.hellfiresex.com/
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Connection: close
Date: Fri, 03 Oct 2014 20:21:43 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 31 Dec 2037 23:55:55 GMT
X-Powered-By: PHP/5.3.8-pl0-gentoo
clean
http://tour.meatmembers.com/a/index1.php
HTTP/1.1 302 Found
Cache-Control: max-age=315360000
Connection: close
Date: Fri, 03 Oct 2014 20:21:43 GMT
Location: http://advidi.optimuum.com/292f0126855ebddf/cd?aff_id=853&aff_sub=
Server: nginx
Content-Length: 0
Content-Type: text/html
Expires: Thu, 31 Dec 2037 23:55:55 GMT
clean
http://advidi.optimuum.com/292f0126855ebddf/cd?aff_id=853&aff_sub=
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 03 Oct 2014 20:21:43 GMT
Location: http://www1.advidi.optimuum.com/292f0126855ebddf/cd?aff_id=853&aff_sub=
Server: nginx
Content-Length: 154
Content-Type: text/html
X-Who: www1
clean
http://www1.advidi.optimuum.com/292f0126855ebddf/cd?aff_id=853&aff_sub=
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Fri, 03 Oct 2014 20:21:44 GMT
Location: http://insanetrack.com/?c=3856&a=853&s1=&s5=VID-onx%2FmcEAblCUuG1J6iKH3w%3D%3D-OaX8AKOIjDDm3Okm84RZFg%3D%3D-1412367704
Server: nginx
Content-Length: 0
Content-Type: text/html;charset=utf-8
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Who: www1
X-XSS-Protection: 1; mode=block
clean
http://insanetrack.com/?c=3856&a=853&s1=&s5=vid-onx%2fmceablcuug1j6ikh3w%3d%3d-oax8akoijddm3okm84rzfg%3d%3d-1412367704
HTTP/1.1 302 Found
Cache-Control: private
Date: Fri, 03 Oct 2014 20:21:40 GMT
Location: http://www.fling.com/enter.php?prg=1&t=zgffling3&id=advidi&cmp=120617663&ad_id=853
Server: Microsoft-IIS/8.0
Content-Length: 215
Content-Type: text/html; charset=utf-8
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: .sess=ypsp1kmopq1zr2mxycm2ytvz; path=/; HttpOnly
Set-Cookie: sid=BnM72zxkxveHQguTNDZqkPjaYOqLIo4Lk7bOViSDj8/f6eFryJ3XIg==; domain=.insanetrack.com; path=/; HttpOnly
Set-Cookie: trk=SD2V7sOnOfRpGfvoAunzlXrM9s4H1iqivoEaUcMzUlKaS9Q+m3IAtw==; domain=.insanetrack.com; expires=Thu, 03-Oct-2019 20:21:41 GMT; path=/; HttpOnly
Set-Cookie: c4=BnM72zxkxvc7U39e/gqjRn7GXSjUJwyN1irBf7YP9Zmr4AaRmzbZlQ==; domain=.insanetrack.com; expires=Sun, 02-Nov-2014 21:21:41 GMT; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
clean
http://www.fling.com/enter.php?prg=1&t=zgffling3&id=advidi&cmp=120617663&ad_id=853
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 03 Oct 2014 20:21:44 GMT
Location: /tour/zgffling3/?prg=1&id=advidi&tour=zgffling3&ot=zgffling3&cmp=120617663&ad_id=853&utm_source=advidi&utm_medium=120617663&utm_content=853&utm_campaign=zgffling3
Server: nginx
Content-Type: text/html; charset=utf-8
Set-Cookie: l10n_lang=en; expires=Fri, 31-Oct-2014 20:21:44 GMT; path=/; domain=.fling.com
Set-Cookie: ps7_crumb=W1siMSIsImFkdmlkaSIsIjIwMTQtMTAtMDMiLCI4NTMiLCIxMjA2MTc2NjMiXV0%3D; expires=Sat, 03-Oct-2015 20:21:44 GMT; path=/; domain=.fling.com
Set-Cookie: mobile_settings=a%3A1%3A%7Bs%3A6%3A%22isipad%22%3Bb%3A0%3B%7D; path=/; domain=.fling.com
Set-Cookie: mobile_settings=a%3A1%3A%7Bs%3A11%3A%22isandroidos%22%3Bb%3A0%3B%7D; path=/; domain=.fling.com
Set-Cookie: mobile_settings=a%3A1%3A%7Bs%3A7%3A%22default%22%3Bb%3A0%3B%7D; path=/; domain=.fling.com
Set-Cookie: fl_ref_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.fling.com
clean
http://www.fling.com/test404page.js
200 OK
Content-Length: 49870
Content-Type: text/html
clean
http://cachewp.fling.com/js/1400260746/index_page.js
200 OK
Content-Length: 6896
Content-Type: application/x-javascript
clean
http://www.fling.com/js/jquery.js
200 OK
Content-Length: 96837
Content-Type: application/x-javascript
clean
http://cachewp.fling.com/js/1405672159/public.js
200 OK
Content-Length: 98576
Content-Type: application/x-javascript
clean
http://www.fling.com/tour/js/jquery.colorbox.js
200 OK
Content-Length: 27813
Content-Type: application/x-javascript
clean
http://cachewp.fling.com/tour/js/jquery.cycle.all.js
200 OK
Content-Length: 36449
Content-Type: application/x-javascript
clean
https://mpsnare.iesnare.com/snare.js
200 OK
Content-Length: 35712
Content-Type: text/javascript
clean
http://www.fling.com/js/static_wdp.js
200 OK
Content-Length: 30899
Content-Type: application/x-javascript
clean
http://www.fling.com/iojs/4.1.1/dyn_wdp.js
201 Created
Content-Length: 1085
Content-Type: text/javascript
clean
http://www.fling.com/
200 OK
Content-Length: 49888
Content-Type: text/html
clean
http://www.fling.com/main.php?a=user.forgotpassword
200 OK
Content-Length: 12928
Content-Type: text/html
clean
http://www.fling.com/members/user/register
200 OK
Content-Length: 14644
Content-Type: text/html
clean
http://cachewp.fling.com/js/1405672159/registration.js
200 OK
Content-Length: 105439
Content-Type: application/x-javascript
clean
http://www.fling.com/main.php?a=user.login
200 OK
Content-Length: 12798
Content-Type: text/html
clean
http://www.fling.com/members/user/register?p=home
200 OK
Content-Length: 14553
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tour.hellfiresex.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tour.hellfiresex.com/

Result: tour.hellfiresex.com is not infected or malware details are not published yet.