Scanned pages/files
Request | Server response | Status |
http://theberkeleyfoundation.com/ | HTTP/1.1 301 Moved Permanently Cache-Control: no-cache Date: Thu, 21 Aug 2014 08:53:01 GMT Pragma: no-cache Location: http://www.theberkeleyfoundation.com/ Server: Microsoft-IIS/6.0 Content-Length: 173 Content-Type: text/html | clean |
http://www.theberkeleyfoundation.com/ | HTTP/1.1 302 Redirect Date: Thu, 21 Aug 2014 08:53:14 GMT Location: http://www.berkeleygroup.co.uk/about-berkeley/the-berkeley-foundation Server: Microsoft-IIS/7.5 Content-Length: 192 Content-Type: text/html; charset=UTF-8 X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE9 | clean |
http://www.berkeleygroup.co.uk/about-berkeley/the-berkeley-foundation | HTTP/1.1 301 Moved Permanently Date: Thu, 21 Aug 2014 08:53:14 GMT Location: http://www.berkeleygroup.co.uk/berkeley-foundation Server: Microsoft-IIS/7.5 Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=1202672; HttpOnly;expires=Sat, 13-Aug-2044 08:53:14 GMT;path=/ Set-Cookie: CFTOKEN=d82c2bb3e14fd34f-ADB2402E-C98F-3189-FBD61604F540AC01; HttpOnly;expires=Sat, 13-Aug-2044 08:53:14 GMT;path=/ Set-Cookie: JSESSIONID=2630bb7035aa67639b623b584b5bc3d5c396;path=/; HttpOnly Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D1202672%26CFTOKEN%23%3Dd82c2bb3e14fd34f%2DADB2402E%2DC98F%2D3189%2DFBD61604F540AC01%26jsessionid%23%3D2630bb7035aa67639b623b584b5bc3d5c396%23lastvisit%3D%7Bts%20%272014%2D08%2D21%2009%3A53%3A14%27%7D%23timecreated%3D%7Bts%20%272014%2D08%2D21%2009%3A53%3A14%27%7D%23hitcount%3D2%23cftoken%3Dd82c2bb3e14fd34f%2DADB2402E%2DC98F%2D3189%2DFBD61604F540AC01%23cfid%3D1202672%23; HttpOnly;expires=Sat, 13-Aug-2044 08:53:14 GMT;path=/ X-UA-Compatible: IE=EmulateIE9 | clean |
http://www.berkeleygroup.co.uk/berkeley-foundation | HTTP/1.1 301 Moved Permanently Date: Thu, 21 Aug 2014 08:53:15 GMT Location: http://www.berkeleygroup.co.uk/about-berkeley-group/berkeley-foundation Server: Microsoft-IIS/7.5 Content-Type: text/html; charset=UTF-8 Set-Cookie: CFID=1202674; HttpOnly;expires=Sat, 13-Aug-2044 08:53:15 GMT;path=/ Set-Cookie: CFTOKEN=f7089907937a67e2-ADB248D7-B542-658C-D3719ABE001A4B2D; HttpOnly;expires=Sat, 13-Aug-2044 08:53:15 GMT;path=/ Set-Cookie: JSESSIONID=263038820f7822a08b167136185938b603a1;path=/; HttpOnly Set-Cookie: CFGLOBALS=urltoken%3DCFID%23%3D1202674%26CFTOKEN%23%3Df7089907937a67e2%2DADB248D7%2DB542%2D658C%2DD3719ABE001A4B2D%26jsessionid%23%3D263038820f7822a08b167136185938b603a1%23lastvisit%3D%7Bts%20%272014%2D08%2D21%2009%3A53%3A15%27%7D%23timecreated%3D%7Bts%20%272014%2D08%2D21%2009%3A53%3A15%27%7D%23hitcount%3D2%23cftoken%3Df7089907937a67e2%2DADB248D7%2DB542%2D658C%2DD3719ABE001A4B2D%23cfid%3D1202674%23; HttpOnly;expires=Sat, 13-Aug-2044 08:53:15 GMT;path=/ X-UA-Compatible: IE=EmulateIE9 | clean |
http://www.berkeleygroup.co.uk/about-berkeley-group/berkeley-foundation | 200 OK Content-Length: 30240 Content-Type: text/html | clean |
http://www.berkeleygroup.co.uk//use.typekit.net/rdc6tvl.js/ | 404 Not Found Content-Length: 23043 Content-Type: text/html | clean |
http://www.berkeleygroup.co.uk/assets/js/modernizr-2.6.2.min.js | 200 OK Content-Length: 15414 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/jquery.min.js | 200 OK Content-Length: 92631 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/jquery-ui.min.js | 200 OK Content-Length: 235150 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/mmenu/jquery.mmenu.min.all.js | 200 OK Content-Length: 19944 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/hammer.min.js | 200 OK Content-Length: 13007 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/jquery.facebox.min.js | 200 OK Content-Length: 4684 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/krpano.min.js | 200 OK Content-Length: 92315 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/mediaelement-and-player.min.js | 200 OK Content-Length: 73112 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/bootstrap.min.js | 200 OK Content-Length: 28631 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/masonry.min.js | 200 OK Content-Length: 24682 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/imagesloaded.pkgd.min.js | 200 OK Content-Length: 6569 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/plugins.min.js | 200 OK Content-Length: 7017 Content-Type: application/x-javascript | clean |
http://www.berkeleygroup.co.uk/assets/js/PluginDetect_Flash.js | 200 OK Content-Length: 14396 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var PluginDetect={version:"0.8.6",name:"PluginDetect",openTag:"<",isDefined:function(b){return typeof b!="undefined"},isArray:function(b){return(/array/i).test(Object.prototype.toString.call(b))},isFunc:function(b){return typeof b=="function"},isString:function(b){return typeof b=="string"},isNum:function(b){return typeof b=="number"},isStrNum:function(b){return(typeof b=="string"&&(/\d/).test(b))},getNumRegx:/[\d][\d\.\_,\-]*/,splitNumRegx:/[\.\_,\-]/g,getNum:function(b,c){var d=this
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theberkeleyfoundation.com
Result:
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Date: Thu, 21 Aug 2014 08:53:01 GMT
Pragma: no-cache
Location: http://www.theberkeleyfoundation.com/
Server: Microsoft-IIS/6.0
Content-Length: 173
Content-Type: text/html
...173 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: theberkeleyfoundation.com
Referer: http://www.google.com/search?q=theberkeleyfoundation.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theberkeleyfoundation.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://theberkeleyfoundation.com/
Result: theberkeleyfoundation.com is not infected or malware details are not published yet.