Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=badoo.net.br
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://badoo.net.br/
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as SMS-fraud resource. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://badoo.net.br/ | 200 OK Content-Length: 68346 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: corp.net.br <!DOCTYPE html> <html lang="lt" dir="ltr"> <meta http-equiv="Content-type" content="text/html;charset=utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"> <script> var $s={"auth":0,"country":"40","app_label":"badoo","page":null,"user_id":0,"version":1890,"deploy_info":"production","url":"http:\/\/badoo.com\/jss\/jinba.phtml","error_log_url":"http:\/\/badoo.com\/jss\/js_error.phtml"}; $s.fake_start=+new Date ...[3838 bytes skipped]... | ||
http://p1.badoocdn.com/aco/badoo.net.br/v2/-/-/js/base-lite.2122.js | 200 OK Content-Length: 182372 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: badoo.net.br function $class(e,t){var n,i,r,o,s,a,l;if(s=e instanceof Function,t=t||!s&&e||{},e=s&&e||null,t.constructor!=Object.prototype.constructor?(n=t.constructor,delete t.constructor):n=e?function(){arguments.callee.$super.apply(this,arguments)}:function(){},e){i=function(){},r=i.prototype=e.prototype,o=n.prototype=new i,o.constructor=n,n.$super=e,r.constructor==Object.prototype.constructor&&(r.constructor=e);for(s in t)a=t[s],l=o[s], ...[3753 bytes skipped]... | ||
http://p1.badoocdn.com/aco/badoo.net.br/v2/lt/-/js/unauth/page.homepage.5.js | 200 OK Content-Length: 26839 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: badoo.net.br if($u.scroll||($u.scroll=function(t,e,i){if(t||+t==t){var s=$el.scroll_top(),n=parseInt($el.style(document.body,"margin-top"),10),o=+t==t?t:t.getBoundingClientRect().top+s-n,l=Math.min(Math.max(o-(e?0:15),0),window.scrollMaxY||document.body.parentNode.scrollHeight);l!=s&&new $fx.effect({wait:!1,duration:300,onEnd:i,items:[new $fx.style({from:s,to:l,step:function(t,e){var i=this.fx(t,this.from,this.to,e);window.scroll(0,i)}})]})}}),B.AnimatedPa ...[3622 bytes skipped]... | ||
http://badoo.net.br/vk/authorize.phtml?rt=0dc50b | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://p1.badoocdn.com/aco/badoo.net.br/v2/lt/-/js/page.auth.5.js | 200 OK Content-Length: 2015 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: badoo.net.br // page.auth.js [i.nazarov] var currentScript; if (document.currentScript) { currentScript = document.currentScript.src; } else { var scripts = document.getElementsByTagName('script'); currentScript = scripts[scripts.length-1].src; } try { if($vars['_OPENER_REDIRECT']) { opener.location.href=$vars['HTMLBLOCK_url']; } if($vars['_OPENER_RELOAD']) { opener.location.reload(); } if( ...[1821 bytes skipped]... | ||
http://badoo.net.br/test404page.js | 404 Not Found Content-Length: 40309 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: corp.net.br <!DOCTYPE html> <html lang="lt" dir="ltr" > <head > <meta http-equiv="Content-type" content="text/html;charset=utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"> <script> var $s={"auth":0,"country":"40","app_label":"badoo","page":null,"user_id":0,"version":1890,"deploy_info":"production","url":"http:\/\/badoo.com\/jss\/jinba.phtml","error_log_url":"http:\/\/badoo.com\/jss\/js_error.phtml"}; $s.fak ...[3826 bytes skipped]... | ||
http://p1.badoocdn.com/aco/badoo.net.br/v2/-/-/js/generic-app.23.js | 200 OK Content-Length: 8288 Content-Type: application/x-javascript | suspicious |
Page code contains blacklisted domain: badoo.net.br $u.error_tpl='<div class="input-error">{text}</div>',$u.handle_errors=function(e,r,t,o){t=t||"input-error",o=o||$u.error_tpl;var i=$el.select(e,".input-error");if(r){for(var s,n,l,a=e.elements,h=0,c=a.length;c>h;h++)if(s=a[h],n=null,"hidden"!=s.type&&s.name&&!s.disabled){for(var d=0,u=i.length;u>d;d++)if(i[d].parentNode==s.parentNode){n=i[d];break}s.name in r?(l=$u.tpl2el(o,{text:r[s.name]}),l.className=t,n?s.parentNo ...[3731 bytes skipped]... | ||
http://badoo.net.br/vk/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/yandex/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/ok/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/facebook/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/google/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/msn/authorize.phtml?rt=8460b6 | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/ok/authorize.phtml?rt=0dc50b | 200 OK Content-Length: 292 Content-Type: text/html | clean |
http://badoo.net.br/yandex/authorize.phtml?rt=0dc50b | 200 OK Content-Length: 292 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: badoo.net.br
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Thu, 26 Feb 2015 01:53:18 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://badoo.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: s2=5XfZiFUAvFaKpxXx0zRX2HeDh7.i_oC_G; path=/; domain=.badoo.com; httponly
Set-Cookie: has_secure_session=1; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1424915597; path=/; domain=.badoo.com
Set-Cookie: lvnp=0; expires=Wed, 25-Feb-2015 01:53:18 GMT; Max-Age=-86400; path=/; domain=.badoo.com
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
GET / HTTP/1.1
Host: badoo.net.br
Result:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Thu, 26 Feb 2015 01:53:18 GMT
Pragma: no-cache
Server: nginx
Content-Type: text/html; charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: policyref="http://badoo.com/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: s2=5XfZiFUAvFaKpxXx0zRX2HeDh7.i_oC_G; path=/; domain=.badoo.com; httponly
Set-Cookie: has_secure_session=1; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1424915597; path=/; domain=.badoo.com
Set-Cookie: lvnp=0; expires=Wed, 25-Feb-2015 01:53:18 GMT; Max-Age=-86400; path=/; domain=.badoo.com
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Second query (visit from search engine):
GET / HTTP/1.1
Host: badoo.net.br
Referer: http://www.google.com/search?q=badoo.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: badoo.net.br
Referer: http://www.google.com/search?q=badoo.net.br
Result:
The result is similar to the first query. There are no suspicious redirects found.