|Posted by:||Virus Guy (Viru…@Guy. com)|
|Date:||Mon, 17 Feb 2014|
The following link was contained in a spam email. It probably tries to
trigger a browser exploit of some sort, so handle this with care:
The server responds with this:
Just in case the above would have executed for some readers, I replaced
this news server a "line too long" error, so I broke the line after the
";" in various locations (if it matters).
What does that script decode to, or try to do?
above and given some sort of report or decoded result?
VT URL scan gives 2 / 53 in terms of detection as a malicious site
(based on IP / domain of URL and not on contents or files returned?)
VT scan on "sensors.php" returns 2 / 50:
Avast JS:Redirector-BOX [Trj]
Another URL from another recent spam: