Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xvideo-deutsch.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xvideo-deutsch.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://xvideo-deutsch.com/ | 200 OK Content-Length: 32447 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: images.pornorio.com <!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Xvideo Pornos auf deutsch</title> <meta name="keywords" content="xvideo, pornos, deutsch" /> <meta name="description" content="Xvideo Pornos auf deutsch gratis schauen oder runterladen. Xvideo deutsch ist die erste deutsch ...[4195 bytes skipped]... | ||
http://s1x.slimtrade.com/s2799.js | 200 OK Content-Length: 8939 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: zwei.in eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('g p=w P("3E.T (N)","2I 1J (N)","3A L (55)","4b K (46)","4a 3Z (33)","4s 1q (27)","4A 1J (24)","4E 4t (24)","4x 4R 3X! (17)","3W 1r 3R (14)","3Q (11)","3S.3T (10)","1B 1t (9)","3V K (8)","3U 4d (7)","4m L (7)","1B 4l (6)","4n (6)","4o ( ...[3554 bytes skipped]... Decoded script: var stTrName=new Array("zwei.in (86)","Xtube Porno (86)","Tini porn (55)","Inzest Tube (46)","Sunporno German (33)","Jovencitas Gratis (27)","Badjojo Porno (24)","Empflix Pornoflme (24)","Fuck me Son! (17)","Vater fickt Tochter (14)","Entjungfert (11)","MyDirtyPorn.To (10)","Japanese Porn (9)","Geile Tube (8)","Cliti TV (7)","Xvideo porn (7)","Japanese Sex (6)","Tinipornos (6)","Japansex (5)","xxx videos br (5)","Gratis Muschis (4)","Fuq Pornos (4)","SPICY AMATEUR PORN (4) ...[16957 bytes skipped]... | ||
http://xvideo-deutsch.com/media/js/global.js | 200 OK Content-Length: 108097 Content-Type: application/javascript | clean |
http://adspaces.ero-advertising.com/adspace/203943.js | 200 OK Content-Length: 1281 Content-Type: application/javascript | clean |
http://spaces.slimspots.com/slimspace/308.js | 200 OK Content-Length: 1340 Content-Type: text/javascript | clean |
http://adspaces.ero-advertising.com/adspace/203944.js | 200 OK Content-Length: 1292 Content-Type: application/javascript | clean |
http://spaces.slimspots.com/slimspace/330.js | 200 OK Content-Length: 44 Content-Type: text/html | clean |
http://spaces.slimspots.com/test404page.js | 404 Not Found Content-Length: 345 Content-Type: text/html | clean |
http://spaces.slimspots.com/slimspace/125.js | 200 OK Content-Length: 2903 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xvideo-deutsch.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 05:33:24 GMT
Pragma: no-cache
Server: lighttpd/1.4.28
Content-Type: text/html
Expires: Tue, 21 Oct 2014 05:33:24 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=tldbhb2gemgq4fb6kurvt3ih95; path=/
Set-Cookie: ck=1; expires=Wed, 16-Sep-2015 05:33:24 GMT; path=/; domain=xvideo-deutsch.com
X-Powered-By: PHP/5.3.3-7+squeeze14
GET / HTTP/1.1
Host: xvideo-deutsch.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 21 Sep 2014 05:33:24 GMT
Pragma: no-cache
Server: lighttpd/1.4.28
Content-Type: text/html
Expires: Tue, 21 Oct 2014 05:33:24 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=tldbhb2gemgq4fb6kurvt3ih95; path=/
Set-Cookie: ck=1; expires=Wed, 16-Sep-2015 05:33:24 GMT; path=/; domain=xvideo-deutsch.com
X-Powered-By: PHP/5.3.3-7+squeeze14
Second query (visit from search engine):
GET / HTTP/1.1
Host: xvideo-deutsch.com
Referer: http://www.google.com/search?q=xvideo-deutsch.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xvideo-deutsch.com
Referer: http://www.google.com/search?q=xvideo-deutsch.com
Result:
The result is similar to the first query. There are no suspicious redirects found.