Jump to content

Checking if a website is malicious


enquire

Recommended Posts

I have an interesting real-life situation here.  First of all, I don't want to do anything illegal here. So please don't suggest any aggressive hacks.

 

There is some outfit that has been spamming Periscope with hard-core porn and trying to lure people back to their site (some sort of honey-trap scheme). They have various urls they use. These get redirected a few times and, as far as I can tell, eventually end up on the same landing page. I'm faily sure this site either collects credentials, loads malware, or does something else nefarious.

I have reported this to periscope a number times but only recieve a "thankyou for contacting us" message.

So, I want to confirm what this site does. If it is doing something bad I can report it to the FBI, CERT, or whoever investigates cybercrime.

Can anyone give me some pointers on seeing what a site does in the background when you visit it?

Is Burpsuite the way to go?

Again, nothing illegal. I just want to view the way it interacts with me (the end user).

 

Link to comment
Share on other sites

Everything you report suggests the site is not on the up and up.  I would report it to the FBI, no harm in it. They can figure out what is going on.  ISP's and government agencies do not necessarily respond with what they are doing in response.   It doesn't hurt to tell more people.   Without probing and doing things that might be considered illegal - i doubt there is much of a way to determine specifically what is going on behind the scenes. However, the FBI has those means and can get that authority.

Link to comment
Share on other sites

Try loading it in virustotal or googles safe browsing search - https://transparencyreport.google.com/safe-browsing/search

If it is malicious, virustotal might be able to detect some stuff, or it may already be listed as unsafe, but you can also report sites that are unsafe if you have proof :

https://safebrowsing.google.com/safebrowsing/report_badware/

Link to comment
Share on other sites

On 12/13/2017 at 7:50 PM, digip said:

#dontclickshit and you shouldn't have any issues(for the most part).

I totally agree. However, this was being pushed out to an app that kids use.

I gathered some basic "publicly accessible" data and forwarded it to the FBI.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...