Scanned pages/files
Request | Server response | Status |
http://tubundas.net/ | 200 OK Content-Length: 67619 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://www.tubundas.net/mobile_detect.js | 200 OK Content-Length: 4164 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/204207.js | 200 OK Content-Length: 1210 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/98702.js | 200 OK Content-Length: 14927 Content-Type: application/javascript | clean |
http://fx.gtop.ro/js/gTOP.js?v=2 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://tubundas.net/track.js | 200 OK Content-Length: 1005 Content-Type: application/javascript | clean |
http://tubundas.net/index.php | 200 OK Content-Length: 67793 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/tubundas-eve-angel-foursome--foursome.html | 200 OK Content-Length: 14793 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/tubundas.htm | 200 OK Content-Length: 13762 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/asian.htm | 200 OK Content-Length: 13689 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/pantyhose.htm | 200 OK Content-Length: 13899 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/fetish.htm | 200 OK Content-Length: 13788 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/outdoors.htm | 200 OK Content-Length: 13501 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/nothing.htm | 200 OK Content-Length: 13833 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
| ||
http://tubundas.net/sissies.htm | 200 OK Content-Length: 13405 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var puShown = false; function doOpen(url) { if ( puShown == true ) { return true; } win = window.open(url, 'ljPu', 'toolbar,status,resizable,scrollbars,menubar,location,height=760,width=800'); if ( win ) { win.blur(); puShown = true; } { document.addEventListener( 'click', checkTarget, false ); } } function checkTarget(e) { if ( !getCookie('popundr') ) { var e = e || window.event; var win = doOpen('http://www.pornofalke.info/tgp/'); setCookie('popundr', 1, 24*60*60*1000); } } initPu(); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tubundas.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 22:24:45 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: tubundas.net
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 09 Oct 2014 22:24:45 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: tubundas.net
Referer: http://www.google.com/search?q=tubundas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tubundas.net
Referer: http://www.google.com/search?q=tubundas.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tubundas.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://tubundas.net/
Result: tubundas.net is not infected or malware details are not published yet.
Result: tubundas.net is not infected or malware details are not published yet.