Sucuri does not detect suspicious included script!

See Trojans detected:
Object: htxp://ipzljz.fo.ru/
SHA1: 2e86338002706ea9f2f5d44b5ee22991044ca8d7
Name: TrojWare.JS.Agent.JL
Only Kaspersky flags: https://www.virustotal.com/en/url/43b0a7719f92334e71c91b3f412b166b0344497af59fc543a8ae60e4a16a7632/analysis/
See: System Details:
Running on: nginx/1.4.0
Outdated Web Server Nginx Found: nginx/1.4.0

Included script flagged: Suspect - please check list for unknown includes

htXp://am15.net/sb.php?s=45130

Suspicious Script:
-ipzljz.fo.ru//common/mlp/js/anonymous.lib.js?11788
.ru/market"; }, applets_content: function() { if($('#tp_applets_content').length){ $('#tp_applets_content').toggle();

I also added two tracker reports - one for the website and one for external links -
do not open links in a common browser - results given as a txt file for research purposes only.

polonus

External link flagged: https://www.virustotal.com/en/domain/liveinternet.ru/information/
Detected trojan spy by Avast as Win32:Malware-gen.

polonus

ipzljz.fo.ru.htm
https://www.virustotal.com/en/file/7d6d717d3425b72c962c15b61afbf45b4f2d2f872dfeeefa8ecb144a157af2f6/analysis/1426443799/

Hi Pondus,

This is LONG OVERDUE! malware: http://support.clean-mx.de/clean-mx/viruses.php?virusname=HTML/Amifaif.A&sort=id%20DESC or http://www.virusign.com/details.php?hash=25ba54e791ac3bc7f3ed77a1128954c79e6bbd157f647671769811315844c2b0
Avast does not detect or in PUP-mode?

polonus

Also consider the vuln. here: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fipzljz.fo.ru%2F%2Fcommon%2Fmlp%2Fjs%2Fanonymous.lib.js

8 vulnerable URIs given with location.href and name.

polonus