Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=votzen-tube.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://votzen-tube.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://votzen-tube.com/ | 200 OK Content-Length: 27322 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: px.pornorio.com ...[1118 bytes skipped]... <meta name="ero_verify" content="58f8246bf3ece6747e1df9b72fda60e9" /> <link rel="stylesheet" href="/media/css/main.css" type="text/css" media="screen" /> <script type="text/javascript" src="http://s1x.slimtrade.com/s3111.js"></script> <script type="text/javascript" src="/media/js/global.js"></script> <script type="text/javascript" src="http://px.pornorio.com/paref.js?s=3111"></script> <script type="text/javascript">var STRADE_ID=3111;var STRADE_GALLERY=50;var SRADE_OUT;var stLinkNoFollow=true;var stNewWindow=true;</script> </head> <body onunload="anti();"> <div id="wrapper"> <div id="header"> <div id="header_content"> <div id="logo"> <a href="http://votzen-tube.com" title="Votzen Filme"><img a ...[2542 bytes skipped]... | ||
http://s1x.slimtrade.com/s3111.js | 200 OK Content-Length: 5962 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: badjojo-porno.com eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('e m=w I("2M 1s (5)","2L 1s (3)","2K 2I (0)","2J (0)","2N 2O (0)","2S 2R (0)");e u=w I("k://2Q-X.p","k://2P-X.p","k://2H-2G.p","k://2y.p","k://2x-2w.2u","k://2v-2z.p");e L=w I("46,33,10","6,10,4","1,2,1","1,8,0","1,1,0","2,0,0","1,2,0","1,1, ...[3589 bytes skipped]... Decoded script: var stTrName=new Array("Xtube Porno (5)","Badjojo Porno (3)","Gratis Muschis (0)","Inzestmuschis (0)","Mutter Tochter (0)","Xvideo Deutsch (0)");var stTrUrl=new Array("http://xtube-porno.com","http://badjojo-porno.com","http://gratis-muschis.com","http://inzestmuschis.com","http://mutter-tochter.net","http://xvideo-deutsch.com");var stTrValues=new Array("46,33,10","6,10,4","1,2,1","1,8,0","1,1,0","2,0,0","1,2,0","1,1,0","1,1,0","2,1,0","1,2,0","3,1,0","2,1,0","3,2,0","1,2,0","1,1,0","19,20,9","15,23,61","8,7,1","7,6,6","7,7,1","6,4,0","4,20,0","4,4,0","2,3,1","2,1,0","2,1,0","2,1,1","1,9,0","1,1,0","1,2,0","1,10,1","66,135,155","28,109,146","40,103,1 ...[10952 bytes skipped]... | ||
http://votzen-tube.com/media/js/global.js | 200 OK Content-Length: 107423 Content-Type: application/javascript | clean |
http://px.pornorio.com/paref.js?s=3111 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://px.pornorio.com/test404page.js | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://spaces.slimspots.com/slimspace/200.js | 200 OK Content-Length: 1340 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/209965.js | 200 OK Content-Length: 1290 Content-Type: application/javascript | clean |
http://spaces.slimspots.com/slimspace/361.js | 200 OK Content-Length: 44 Content-Type: text/html | clean |
http://spaces.slimspots.com/slimspace/202.js | 200 OK Content-Length: 2904 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: votzen-tube.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 07:41:27 GMT
Pragma: no-cache
Server: lighttpd/1.4.31
Content-Type: text/html
Expires: Tue, 21 Oct 2014 07:41:27 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=qtgv0assob11g7bcamuimkdd71; path=/
Set-Cookie: ck=1; expires=Wed, 16-Sep-2015 07:41:27 GMT; path=/; domain=votzen-tube.com
X-Powered-By: PHP/5.4.4-14
Second query (visit from search engine):
GET / HTTP/1.1
Host: votzen-tube.com
Referer: http://www.google.com/search?q=votzen-tube.com
Result:
The result is similar to the first query. There are no suspicious redirects found.