Malware Scanner report for workerscompinsurance.info

http://workerscompinsurance.info/

HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 25 Sep 2014 23:00:30 GMT
Location: http://www.libertymutual.com/business
Server: Apache-Coyote/1.1
Content-Length: 0

http://www.libertymutual.com/business

HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: close
Date: Thu, 25 Sep 2014 23:00:32 GMT
Location: http://www.libertymutualgroup.com/business-insurance
Content-Language: en-US
Content-Length: 0
Content-Type: text/html
Expires: Thu, 01 Dec 1994 16:00:00 GMT
P3P: policyref="http://libertymutual.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAIi PSA PSDi IVDi CONo HIS TELo OUR LEG UNI PHY ONL PUR FIN COM NAV INT DEM CNT STA POL HEA GOV"
Set-Cookie: JSESSIONID_LMCOM=0001bOBLhFdDnFCX7HLgnSx5NKe:17te9ibg9; Path=/; Domain=libertymutual.com; HttpOnly
Set-Cookie: oam.Flash.RENDERMAP.TOKEN=ciadyra8i; Path=/; HttpOnly
Set-Cookie: LMPersonalization=bOBLhFdDnFCX7HLgnSx5NKe; Expires=Fri, 25-Sep-15 23:00:31 GMT; Path=/; Domain=.libertymutual.com
Set-Cookie: BIGipServerwww-origin.pdc.libertymutual.com=rd2240o00000000000000000000ffff0a506034o8004; expires=Fri, 26-Sep-2014 01:00:31 GMT; path=/
Set-Cookie: TS998304=aa90d66595b126155aabcbc2951a3abfb6ed4b47f17905c454249e8f; Path=/; HTTPOnly
X-Frame-Options: DENY
X-Powered-By: Servlet/3.0
X-UA-Compatible: IE=Edge,chrome=1

http://www.libertymutualgroup.com/business-insurance

200 OK
Content-Length: 53326
Content-Type: text/html

Malicious code - confirmed by antiviruses (see below)


Antivirus reports:


Hidden iFrame found.
size: 1x1     style: hidden
src: http://3447791.fls.doubleclick.net/activityi;src=3447791;type=comme865;cat=lmgro538;ord=


Hidden iFrame found.
size: 1x1     style: hidden
src: http://3447791.fls.doubleclick.net/activityi;src=3447791;type=comme865;cat=lmgro538;ord=1?

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=common/Omniture/lmg2Omniture_SCode

200 OK
Content-Length: 68768
Content-Type: text/html

http://www.libertymutualgroup.com/test404page.js

200 OK
Content-Length: 29085
Content-Type: text/html

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSJQueryMin

200 OK
Content-Length: 93029
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSJQueryUIMin

200 OK
Content-Length: 40027
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSColorboxMin

200 OK
Content-Length: 11098
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSCyclePack

200 OK
Content-Length: 21675
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSQtipMin

200 OK
Content-Length: 33478
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSUniformMin

200 OK
Content-Length: 8318
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSJQueryCookieMin

200 OK
Content-Length: 1469
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSAddThisMin

200 OK
Content-Length: 2486
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSMediaElementAndPlayerMin

200 OK
Content-Length: 71676
Content-Type: text/javascript

http://www.libertymutualgroup.com//ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js/

200 OK
Content-Length: 29089
Content-Type: text/html

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSOmnitureVideoTag

200 OK
Content-Length: 3102
Content-Type: text/javascript

http://www.libertymutualgroup.com/omapps/ContentServer?pagename=LMGroup2/JS/lmg2JSLM

200 OK
Content-Length: 7981
Content-Type: text/javascript