New scan:

Malware Scanner report for tubundas.net

Malicious/Suspicious/Total urls checked
10/0/15
10 pages have malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://tubundas.net/
200 OK
Content-Length: 67619
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://www.tubundas.net/mobile_detect.js
200 OK
Content-Length: 4164
Content-Type: application/javascript
clean
http://adspaces.ero-advertising.com/adspace/204207.js
200 OK
Content-Length: 1210
Content-Type: application/javascript
clean
http://adspaces.ero-advertising.com/adspace/98702.js
200 OK
Content-Length: 14927
Content-Type: application/javascript
clean
http://fx.gtop.ro/js/gTOP.js?v=2
200 OK
Content-Length: 6853
Content-Type: application/x-javascript
clean
http://tubundas.net/track.js
200 OK
Content-Length: 1005
Content-Type: application/javascript
clean
http://tubundas.net/index.php
200 OK
Content-Length: 67793
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/tubundas-eve-angel-foursome--foursome.html
200 OK
Content-Length: 14793
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/tubundas.htm
200 OK
Content-Length: 13762
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/asian.htm
200 OK
Content-Length: 13689
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/pantyhose.htm
200 OK
Content-Length: 13899
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/fetish.htm
200 OK
Content-Length: 13788
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/outdoors.htm
200 OK
Content-Length: 13501
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/nothing.htm
200 OK
Content-Length: 13833
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen

http://tubundas.net/sissies.htm
200 OK
Content-Length: 13405
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)

var puShown = false;
function doOpen(url)
{
if ( puShown == true )
{
return true;
}
win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800');
if ( win )
{
win.blur();
puShown = true;
}

... 1078 bytes are skipped ...
if ( document.addEventListener )
{
document.addEventListener( 'click', checkTarget, false );
}
}
function checkTarget(e)
{
if ( !getCookie('popundr') ) {
var e = e || window.event;
var win = doOpen('http://www.pornofalke.info/tgp/');
setCookie('popundr', 1, 24*60*60*1000);
}
}
initPu();

Antivirus reports:

Agnitum
JS.Pornpop.Gen


Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: tubundas.net

Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 22:24:45 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: tubundas.net
Referer: http://www.google.com/search?q=tubundas.net

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=tubundas.net

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tubundas.net/

Result: tubundas.net is not infected or malware details are not published yet.