Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lakeledeng.dodocat.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://lakeledeng.dodocat.com/ | 200 OK Content-Length: 15233 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var save_layer = null; function layer_view(link_id, menu_id, opt, x, y) { var link = document.getElementById(link_id); var menu = document.getElementById(menu_id); if (save_layer != null) { save_layer.style.display = "none"; selectBoxVisible(); } if (link_id == '') return; if (opt == 'hide') { menu.style.display = 'none'; selectBoxVisible(); } else { x = parseInt(x); y = parseInt(y); menu.style.left = x; menu.style.top = y; menu.style.display = 'block'; } save_layer = menu; } Antivirus reports:
| ||
http://lakeledeng.dodocat.com/./js/jquery-1.4.2.min.js | 200 OK Content-Length: 72328 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./js/common.js | 200 OK Content-Length: 17053 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./js/menu.js | 200 OK Content-Length: 3467 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./js/sidebanner.js | 200 OK Content-Length: 1470 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./js/sideview.js | 200 OK Content-Length: 10926 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./skin/latest/gallery_lakeled/latest.skin.js | 200 OK Content-Length: 4432 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./js/wrest.js | 200 OK Content-Length: 14782 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/. | 200 OK Content-Length: 15234 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var save_layer = null; function layer_view(link_id, menu_id, opt, x, y) { var link = document.getElementById(link_id); var menu = document.getElementById(menu_id); if (save_layer != null) { save_layer.style.display = "none"; selectBoxVisible(); } if (link_id == '') return; if (opt == 'hide') { menu.style.display = 'none'; selectBoxVisible(); } else { x = parseInt(x); y = parseInt(y); menu.style.left = x; menu.style.top = y; menu.style.display = 'block'; } save_layer = menu; } Antivirus reports:
| ||
http://lakeledeng.dodocat.com/./bbs/login.php?url=%2F. | 200 OK Content-Length: 17285 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var save_layer = null; function layer_view(link_id, menu_id, opt, x, y) { var link = document.getElementById(link_id); var menu = document.getElementById(menu_id); if (save_layer != null) { save_layer.style.display = "none"; selectBoxVisible(); } if (link_id == '') return; if (opt == 'hide') { menu.style.display = 'none'; selectBoxVisible(); } else { x = parseInt(x); y = parseInt(y); menu.style.left = x; menu.style.top = y; menu.style.display = 'block'; } save_layer = menu; } Antivirus reports:
| ||
http://lakeledeng.dodocat.com/./bbs/../js/jquery-1.4.2.min.js | 200 OK Content-Length: 72328 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./bbs/../js/common.js | 200 OK Content-Length: 17053 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./bbs/../js/menu.js | 200 OK Content-Length: 3467 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./bbs/../js/sidebanner.js | 200 OK Content-Length: 1470 Content-Type: application/x-javascript | clean |
http://lakeledeng.dodocat.com/./bbs/../js/sideview.js | 200 OK Content-Length: 10926 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lakeledeng.dodocat.com
Result:
HTTP/1.1 200 OK
Cache-Control: pre-check=0, post-check=0, max-age=0
Connection: close
Date: Sat, 20 Dec 2014 17:24:28 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=euc-kr
Expires: 0
Last-Modified: Sat, 20 Dec 2014 17:24:28 GMT
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: PHPSESSID=4b95dbf085efe290082195ecc7211970; path=/
Set-Cookie: f33d2ed86bd82d4c22123c9da444d8ab=MTQxOTA5NjI2OA%3D%3D; expires=Sun, 20-Dec-2015 17:24:28 GMT; path=/
Set-Cookie: 96b28b766b7e0699aa91c9ff3d890663=deleted; expires=Fri, 20-Dec-2013 17:24:27 GMT; path=/
Set-Cookie: 2a0d2363701f23f8a75028924a3af643=NzguMTU4LjExLjIyNg%3D%3D; expires=Sun, 21-Dec-2014 17:24:28 GMT; path=/
X-Powered-By: PHP/5.2.8
GET / HTTP/1.1
Host: lakeledeng.dodocat.com
Result:
HTTP/1.1 200 OK
Cache-Control: pre-check=0, post-check=0, max-age=0
Connection: close
Date: Sat, 20 Dec 2014 17:24:28 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=euc-kr
Expires: 0
Last-Modified: Sat, 20 Dec 2014 17:24:28 GMT
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: PHPSESSID=4b95dbf085efe290082195ecc7211970; path=/
Set-Cookie: f33d2ed86bd82d4c22123c9da444d8ab=MTQxOTA5NjI2OA%3D%3D; expires=Sun, 20-Dec-2015 17:24:28 GMT; path=/
Set-Cookie: 96b28b766b7e0699aa91c9ff3d890663=deleted; expires=Fri, 20-Dec-2013 17:24:27 GMT; path=/
Set-Cookie: 2a0d2363701f23f8a75028924a3af643=NzguMTU4LjExLjIyNg%3D%3D; expires=Sun, 21-Dec-2014 17:24:28 GMT; path=/
X-Powered-By: PHP/5.2.8
Second query (visit from search engine):
GET / HTTP/1.1
Host: lakeledeng.dodocat.com
Referer: http://www.google.com/search?q=lakeledeng.dodocat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: lakeledeng.dodocat.com
Referer: http://www.google.com/search?q=lakeledeng.dodocat.com
Result:
The result is similar to the first query. There are no suspicious redirects found.