Scanned pages/files
Request | Server response | Status |
http://sport.top.mn/ | 200 OK Content-Length: 37712 Content-Type: text/html | malicious |
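Malicious code - confirmed by antiviruses (see below):
var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); });
Note: this excerpt is cut off mid-script (the analytics loader runs straight into the tail of a hover handler), and what remains is a Google Analytics loader plus jQuery dropdown show/hide handlers. The antivirus detections referred to are not reproduced in the empty table below, so the flagged code cannot be identified from this excerpt alone. The same excerpt is repeated for every page marked malicious in this table, which suggests the flagged content sits in a shared page template rather than in per-page content.
Antivirus reports: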
| ||
http://sport.top.mn/js/jquery-1.4.4.min.js | 200 OK Content-Length: 78601 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/js/jquery-ui.min.js | 200 OK Content-Length: 183557 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/plugins/dropmenu/ie5.js | 200 OK Content-Length: 2679 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/js/global.js | 200 OK Content-Length: 4853 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/js/default.js | 200 OK Content-Length: 13 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/js/easytabs.js | 200 OK Content-Length: 1275 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/sitetemplates/lastnews/site/lastTabs.jquery.js | 200 OK Content-Length: 2846 Content-Type: appsication/x-javascript | clean |
http://sport.top.mn/list/хөлбөмбөг | 200 OK Content-Length: 35825 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); }); Antivirus reports:
| ||
http://sport.top.mn/js/list.js | 404 Not Found Content-Length: 208 Content-Type: text/html | clean |
http://sport.top.mn/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://sport.top.mn/list/сагсанбөмбөг | 200 OK Content-Length: 36417 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); }); Antivirus reports:
| ||
http://sport.top.mn/list/үндэсний-спорт | 200 OK Content-Length: 39858 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); }); Antivirus reports:
| ||
http://sport.top.mn/list/мотор-спорт | 200 OK Content-Length: 47017 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); }); Antivirus reports:
| ||
http://sport.top.mn/list/бөхийн-төрөл | 200 OK Content-Length: 36601 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-4190908-15']); _gaq.push(['_setDomainName', '.top.mn']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); }) }, function(){ $("#more-dropdown div").hide(); $(this).css({background: 'none'}); }); }); $(function(){ $("#more-dropdown2").hover(function(){ $("#more-dropdown2 div").show(); $(this).css({position: 'relative', background: '#CCCCCC'}); }, function(){ $("#more-dropdown2 div").hide(); $(this).css({background: 'none'}); }); }); Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: sport.top.mn
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 11 May 2014 21:10:52 GMT
Pragma: no-cache
Server: Apache/2.2.15
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=bj0b48ql10vil1j09fce2ntb64; path=/
X-Powered-By: PHP/5.3.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: sport.top.mn
Referer: http://www.google.com/search?q=sport.top.mn
Result:
The result is similar to the first query. No suspicious redirects were found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sport.top.mn
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sport.top.mn/
Result: sport.top.mn is not infected or malware details are not published yet.