Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vipxxx.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://vipxxx.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 07:00:31 GMT Location: http://www.vipxxx.com/tube/ Server: nginx Content-Length: 360 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vipxxx.com/tube/ | 200 OK Content-Length: 100188 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/js/KernelTeamVideoSharingSystem.js?v=3.4.2 | 200 OK Content-Length: 7810 Content-Type: application/x-javascript | clean |
http://www.vipxxx.com/tube/js/KernelTeamImageRotator.js?v=3.4.2 | 200 OK Content-Length: 3004 Content-Type: application/x-javascript | clean |
http://w.sharethis.com/button/buttons.js | 200 OK Content-Length: 145774 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof(stlib)=="undefined"){var stlib={}}if(!stlib.functions){stlib.functions=[];stlib.functionCount=0}stlib.global={};stlib.global.hash=document.location.href.split("#");stlib.global.hash.shift();stlib.global.hash=stlib.global.hash.join("#");stlib.dynamicOn=true;stlib.debugOn=false;stlib.debug={count:0,messages:[],debug:function(b,a){if(a&&(typeof console)!="undefined"){console.log(b)}stlib.debug.messages.push(b)},show:function(a){for(message in stlib.debug.messages){if((typeof conso Antivirus reports:
| ||
http://s.sharethis.com/loader.js | 200 OK Content-Length: 15748 Content-Type: application/x-javascript | clean |
https://ads.exoclick.com/ads.js | 200 OK Content-Length: 401 Content-Type: text/javascript | clean |
http://vipxxx.com/tube/latest-updates/2/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 19 Sep 2014 07:00:33 GMT Location: http://www.vipxxx.com/tube/latest-updates/2/ Server: nginx Content-Length: 377 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.vipxxx.com/tube/latest-updates/2/ | 200 OK Content-Length: 92716 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/signup.php | 200 OK Content-Length: 13481 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/js/KernelTeamVideoSharingForms.js?v=3.4.2 | 200 OK Content-Length: 21198 Content-Type: application/x-javascript | clean |
http://www.vipxxx.com/tube/login.php | 200 OK Content-Length: 11048 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/login.php?action=not_allowed | 200 OK Content-Length: 11191 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/latest-updates/ | 200 OK Content-Length: 93314 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/top-rated/ | 200 OK Content-Length: 92865 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/most-popular/ | 200 OK Content-Length: 93406 Content-Type: text/html | clean |
http://www.vipxxx.com/tube/categories/ | 200 OK Content-Length: 41871 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vipxxx.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Sep 2014 07:00:31 GMT
Location: http://www.vipxxx.com/tube/
Server: nginx
Content-Length: 360
Content-Type: text/html; charset=iso-8859-1
...360 bytes of data.
GET / HTTP/1.1
Host: vipxxx.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 19 Sep 2014 07:00:31 GMT
Location: http://www.vipxxx.com/tube/
Server: nginx
Content-Length: 360
Content-Type: text/html; charset=iso-8859-1
...360 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: vipxxx.com
Referer: http://www.google.com/search?q=vipxxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vipxxx.com
Referer: http://www.google.com/search?q=vipxxx.com
Result:
The result is similar to the first query. There are no suspicious redirects found.