Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xtube.net.co
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 09 May 2015 14:53:46 GMT
Location: http://www.xtube.net.co/
Server: cloudflare-nginx
Content-Type: text/html; charset=iso-8859-1
CF-RAY: 1e3e3c5a2df50a48-ARN
Set-Cookie: __cfduid=dfec9ed4ea82e24227c05e947ac5771231431183225; expires=Sun, 08-May-16 14:53:45 GMT; path=/; domain=.xtube.net.co; HttpOnly
X-Cache: HIT from Backend
GET / HTTP/1.1
Host: xtube.net.co
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 09 May 2015 14:53:46 GMT
Location: http://www.xtube.net.co/
Server: cloudflare-nginx
Content-Type: text/html; charset=iso-8859-1
CF-RAY: 1e3e3c5a2df50a48-ARN
Set-Cookie: __cfduid=dfec9ed4ea82e24227c05e947ac5771231431183225; expires=Sun, 08-May-16 14:53:45 GMT; path=/; domain=.xtube.net.co; HttpOnly
X-Cache: HIT from Backend
Second query (visit from search engine):
GET / HTTP/1.1
Host: xtube.net.co
Referer: http://www.google.com/search?q=xtube.net.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xtube.net.co
Referer: http://www.google.com/search?q=xtube.net.co
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://xtube.net.co/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 09 May 2015 14:53:46 GMT Location: http://www.xtube.net.co/ Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 CF-RAY: 1e3e3c5a2df50a48-ARN Set-Cookie: __cfduid=dfec9ed4ea82e24227c05e947ac5771231431183225; expires=Sun, 08-May-16 14:53:45 GMT; path=/; domain=.xtube.net.co; HttpOnly X-Cache: HIT from Backend | clean |
http://www.xtube.net.co/ | 200 OK Content-Length: 66420 Content-Type: text/html | clean |
http://ads.juicyads.com/jsclients/jam_min.js | 200 OK Content-Length: 21397 Content-Type: application/x-javascript | clean |
http://www.xtube.net.co/js/html5.js | 200 OK Content-Length: 392 Content-Type: application/javascript | clean |
http://www.xtube.net.co/js/jquery-1.6.1.min.js | 200 OK Content-Length: 91342 Content-Type: application/javascript | clean |
http://www.xtube.net.co/js/jquery-ui-1.8.18.custom.min.js | 200 OK Content-Length: 210423 Content-Type: application/javascript | clean |
http://www.xtube.net.co/js/jquery.easing.min.js | 200 OK Content-Length: 8299 Content-Type: application/javascript | clean |
http://www.xtube.net.co/js/cbox/jquery.colorbox.js | 200 OK Content-Length: 12577 Content-Type: application/javascript | clean |
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://www.xtube.net.co/js/mobile_detect.js | 200 OK Content-Length: 4174 Content-Type: application/javascript | clean |
http://xtube.net.co/page2.html | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 09 May 2015 14:53:52 GMT Location: http://www.xtube.net.co/page2.html Server: cloudflare-nginx Content-Type: text/html; charset=iso-8859-1 CF-RAY: 1e3e3c7ec6f50a60-ARN Set-Cookie: __cfduid=d38b871d2d33a2507c4868e635740e3c91431183231; expires=Sun, 08-May-16 14:53:51 GMT; path=/; domain=.xtube.net.co; HttpOnly | clean |
http://www.xtube.net.co/page2.html | 200 OK Content-Length: 64947 Content-Type: text/html | clean |
http://www.xtube.net.co/login | 200 OK Content-Length: 11639 Content-Type: text/html | clean |
http://www.xtube.net.co/signup | 200 OK Content-Length: 11847 Content-Type: text/html | clean |
http://www.xtube.net.co/most-recent/ | 200 OK Content-Length: 66730 Content-Type: text/html | clean |
http://www.xtube.net.co/most-viewed/ | 200 OK Content-Length: 65580 Content-Type: text/html | clean |
http://www.xtube.net.co/longest/ | 200 OK Content-Length: 62931 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xtube.net.co
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xtube.net.co/
Result: xtube.net.co is not infected or malware details are not published yet.
Result: xtube.net.co is not infected or malware details are not published yet.