Scanned pages/files
Request | Server response | Status |
http://mdou1-iv.kng.lokos.net/ | 200 OK Content-Length: 15086 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/templates/1sr_170_1/js/stylechanger.js | 200 OK Content-Length: 1479 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/templates/1sr_170_1/js/jquery-1.6.2.min.js | 200 OK Content-Length: 91556 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/templates/1sr_170_1/js/hoverIntent.js | 200 OK Content-Length: 3174 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/templates/1sr_170_1/js/superfish.js | 200 OK Content-Length: 3714 Content-Type: application/javascript | clean |
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=category&layout=blog&id=17&Itemid=101 | 200 OK Content-Length: 15164 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=article&id=20&Itemid=133 | 200 OK Content-Length: 28775 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=category&id=8&Itemid=102 | 200 OK Content-Length: 15114 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=article&id=6&Itemid=125 | 200 OK Content-Length: 12215 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=article&id=4&Itemid=126 | 200 OK Content-Length: 12215 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
http://mdou1-iv.kng.lokos.net/index.php?option=com_content&view=category&layout=blog&id=9&Itemid=103 | 200 OK Content-Length: 12869 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<a href="index.php" title="große Schrift" onclick="bigFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_big.png" alt="große Schrift" /></a>');
document.write('<a href="index.php" title="Schrift zurücksetzen" onclick="resetFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_normal.png" alt="Schrift zurücksetzen" /></a>');
document.write('<a href="index.php" title="kleine Schrift" onclick="smallFontSize(); return false;"><img src="/templates/1sr_170_1/images/font_size_small.png" alt="kleine Schrift" /></a></p>');
Antivirus reports:
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mdou1-iv.kng.lokos.net
Result:
HTTP/1.1 200 OK
Cache-Control: no-cache
Connection: close
Date: Wed, 20 Aug 2014 18:05:16 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 6dad45b6e8bc83d8bc5a10055b798ab1=ervagq18q8frk4nmchsrra1pb6; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: mdou1-iv.kng.lokos.net
Referer: http://www.google.com/search?q=mdou1-iv.kng.lokos.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mdou1-iv.kng.lokos.net
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mdou1-iv.kng.lokos.net/
Result: mdou1-iv.kng.lokos.net is not infected or malware details are not published yet.