Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nudestar.su
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nudestar.su/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://nudestar.su/ | 200 OK Content-Length: 73130 Content-Type: text/html | clean |
http://www.nudestar.su/js/thumbchange.js | 200 OK Content-Length: 1159 Content-Type: application/x-javascript | clean |
http://v.myads.ru/v/45082 | 200 OK Content-Length: 62441 Content-Type: text/javascript | clean |
http://v.visitweb.com/v/45097 | 200 OK Content-Length: 62441 Content-Type: text/javascript | clean |
http://gredinatib.info/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://crateac.com/51pf0032/8ba283e61b | 200 OK Content-Length: 8226 Content-Type: application/javascript | clean |
http://www.znews.su/user/1752/nudestar.su_inf_1.php | 200 OK Content-Length: 4563 Content-Type: text/html | clean |
http://www.znews.su/go_slin.php?id=43297&sour=1752 | HTTP/1.1 302 Found Connection: close Date: Mon, 01 Sep 2014 13:17:21 GMT Location: /go_news.php?id=1752&news=43297 Server: nginx/1.1.19 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html X-Powered-By: PHP/5.3.10-1ubuntu3.7 | clean |
http://www.znews.su/go_news.php?id=1752&news=43297 | 200 OK Content-Length: 91060 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: v2mlbrown.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Самое популярные новости - ZNews</title> <meta name="description" content="Самое популярные новости - ZNews" /> <meta name="keywo ...[4423 bytes skipped]... | ||
http://www.znews.su/user/1787/znews.su_inf_2.php | 200 OK Content-Length: 1931 Content-Type: text/html | clean |
http://www.znews.su/go_news.php?id=1787&news=42792&no_x=1 | 200 OK Content-Length: 82880 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: v2mlbrown.com <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1251" /> <title>Самое популярные новости - ZNews</title> <meta name="description" content="Самое популярные новости - ZNews" /> <meta name="keywo ...[4423 bytes skipped]... | ||
http://bestevernews.com/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://v2mlbrown.com/?acc=21197&waponly=yes&zona=0&landing=xcust | 200 OK Content-Length: 114 Content-Type: text/html | clean |
http://v2mlbrown.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://lookfornews.net/viewt.js | 200 OK Content-Length: 20987 Content-Type: application/x-javascript | clean |
http://www.znews.su/user/1787/znews.su_inf_4.php | 200 OK Content-Length: 9750 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nudestar.su
Result:
HTTP/1.1 200 OK
Connection: close
Date: Mon, 01 Sep 2014 13:17:18 GMT
Server: nginx
Content-Type: text/html; charset=cp1251
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: nudestar.su
Referer: http://www.google.com/search?q=nudestar.su
Result:
The result is similar to the first query. There are no suspicious redirects found.