Scanned pages/files
Request | Server response | Status |
http://www.bundcenter.com/ | HTTP/1.1 200 OK Cache-Control: private Date: Mon, 28 Apr 2014 02:29:10 GMT Server: Microsoft-IIS/6.0 Content-Length: 13250 Content-Type: text/html Set-Cookie: ASPSESSIONIDACDCTTRT=PEPBHLNCIPBGAOOBCKJEOLMJ; path=/ X-Powered-By: ASP.NET X-UA-Compatible: IE=EmulateIE7 | clean |
http://www.bundcenter.com/english/index.asp | 200 OK Content-Length: 31428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_reloadPage(init) { if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&a if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } function MM_openBrWindow(theURL,winName,features) { window.open(theURL,winName,features); } Antivirus reports:
| ||
http://www.bundcenter.com/english/news/index.asp | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/ | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../About_xiangxi.asp?ID=13 | 200 OK Content-Length: 28489 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../index.asp | 200 OK Content-Length: 31428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_reloadPage(init) { if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&a if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } function MM_openBrWindow(theURL,winName,features) { window.open(theURL,winName,features); } Antivirus reports:
| ||
http://www.bundcenter.com/english/news/../news/index.asp | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/ | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../About_xiangxi.asp?ID=13 | 200 OK Content-Length: 28489 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../index.asp | 200 OK Content-Length: 31428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_reloadPage(init) { if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&a if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } function MM_openBrWindow(theURL,winName,features) { window.open(theURL,winName,features); } Antivirus reports:
| ||
http://www.bundcenter.com/english/news/../news/../news/index.asp | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../news/ | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../news/../About_xiangxi.asp?ID=13 | 200 OK Content-Length: 28489 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../news/../index.asp | 200 OK Content-Length: 31428 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function MM_reloadPage(init) { if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) { document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload(); } MM_reloadPage(true); function MM_swapImgRestore() { var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&a if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } function MM_openBrWindow(theURL,winName,features) { window.open(theURL,winName,features); } Antivirus reports:
| ||
http://www.bundcenter.com/english/news/../news/../news/../news/index.asp | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
http://www.bundcenter.com/english/news/../news/../news/../news/ | 200 OK Content-Length: 31527 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bundcenter.com
Result:
GET / HTTP/1.1
Host: bundcenter.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: bundcenter.com
Referer: http://www.google.com/search?q=bundcenter.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bundcenter.com
Referer: http://www.google.com/search?q=bundcenter.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bundcenter.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bundcenter.com/
Result: bundcenter.com is not infected or malware details are not published yet.
Result: bundcenter.com is not infected or malware details are not published yet.