Malware Scanner report for thefashion.ru

Malicious/Suspicious/Total urls checked: 0/5/15

5 pages have suspicious code. See details below

Blacklists: Found

The website is marked by Yandex as suspicious.

The website "thefashion.ru" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 0/0/0

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=thefashion.ru

Result: This site is not currently listed as suspicious.

Query: http://yandex.com/infected?l10n=en&url=http://thefashion.ru/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://thefashion.ru/	200 OK Content-Length: 70081 Content-Type: text/html	suspicious
Suspicious code found <!-- ßíäåêñ.Äèðåêò --> <script type="text/javascript"> //<![CDATA[ yandex_partner_id = 85484; yandex_site_bg_color = 'FFFFFF'; //ôîí ñàéòà, çàìåíèòå öâåò ïåðåìåííîé åñëè ñàéò èìååò òåìíûé ôîí yandex_ad_format = 'direct'; yandex_font_size = 1.1; //Ðàçìåð øðèôòà â áëîêå. Ïî æåëàíèþ ìîæíî óâåëè÷èòü èëè óìåíüøèòü yandex_direct_type = 'flat'; //Âèä áëîêà ïîä ñòàòüåé ëó÷øå âûáðàòü ïëîñêèé (flat) èëè ãîðèçîíòàëüíûé (horizontal) yandex_direct_limit = 2; //Ê ... 235 bytes are skipped ..._color = '000000'; //Öâåò äîìåíà ðåêëàìîäàòåëÿ yandex_direct_text_color = '000000'; //Öâåò òåêñòà îáúÿâëåíèé yandex_direct_hover_color = 'FF0000'; //Öâåò çàãîëîâêà îáúÿâëåíèé ïðè íàâåäåíèè êóðñîðà yandex_direct_favicon = true; //âêëþ÷àåì îòîáðàæåíèÿ ôàâèêîíîâ îáúÿâëåíèé yandex_no_sitelinks = true; //îòêëþ÷àåì áûñòðûå ññûëêè document.write('<sc'+'ript type="text/javascript" src="http://an.yandex.ru/system/context.js"></sc'+'ript>'); //]]> </script>
http://thefashion.ru/engine/classes/min/index.php?charset=windows-1251&g=general&11	200 OK Content-Length: 192599 Content-Type: application/x-javascript	clean
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js	200 OK Content-Length: 17380 Content-Type: text/javascript	clean
http://thefashion.ru/engine/editor/scripts/webfont.js	200 OK Content-Length: 3019 Content-Type: application/x-javascript	clean
http://thefashion.ru/templates/Gossip/js/carousel.js	200 OK Content-Length: 881 Content-Type: application/javascript	clean
http://thefashion.ru/rss.xml	200 OK Content-Length: 11299 Content-Type: application/xml	clean
http://thefashion.ru/uploads/posts/2014-06/1402312692_632582.jpg	200 OK Content-Length: 59720 Content-Type: image/jpeg	clean
http://thefashion.ru/test404page.js	404 Not Found Content-Length: 282 Content-Type: text/html	clean
http://thefashion.ru/uploads/posts/2014-06/1402296858_63.jpg	200 OK Content-Length: 147219 Content-Type: image/jpeg	clean
http://thefashion.ru/uploads/posts/2014-06/1402176586_63.jpg	200 OK Content-Length: 18988 Content-Type: image/jpeg	clean
http://thefashion.ru/uploads/posts/2014-06/1402054399_51.jpg	200 OK Content-Length: 35928 Content-Type: image/jpeg	clean
http://thefashion.ru/index.php?do=lostpassword	200 OK Content-Length: 25848 Content-Type: text/html	suspicious
Suspicious code found <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Äà", "Íåò", "Ââîä", "Îòìåíà", "Ñîõðàíèòü", "Óäàëèòü"]; var menu_short = 'Áûñòðîå ðåäàêòèðîâàíèå'; ... 626 bytes are skipped ...àæèòå òåêñò âàøåé æàëîáû äëÿ àäìèíèñòðàöèè:'; var dle_big_text = 'Âûäåëåí ñëèøêîì áîëüøîé ó÷àñòîê òåêñòà.'; var dle_orfo_title = 'Óêàæèòå êîììåíòàðèé äëÿ àäìèíèñòðàöèè ê íàéäåííîé îøèáêå íà ñòðàíèöå'; var dle_p_send = 'Îòïðàâèòü'; var dle_p_send_ok = 'Óâåäîìëåíèå óñïåøíî îòïðàâëåíî'; var dle_save_ok = 'Èçìåíåíèÿ óñïåøíî ñîõðàíåíû. Îáíîâèòü ñòðàíèöó?'; var dle_del_news = 'Óäàëèòü ñòàòüþ'; var allow_dle_delete_news = false; //--> </script>
http://thefashion.ru/index.php?do=register	200 OK Content-Length: 27005 Content-Type: text/html	suspicious
Suspicious code found <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Äà", "Íåò", "Ââîä", "Îòìåíà", "Ñîõðàíèòü", "Óäàëèòü"]; var menu_short = 'Áûñòðîå ðåäàêòèðîâàíèå'; ... 626 bytes are skipped ...àæèòå òåêñò âàøåé æàëîáû äëÿ àäìèíèñòðàöèè:'; var dle_big_text = 'Âûäåëåí ñëèøêîì áîëüøîé ó÷àñòîê òåêñòà.'; var dle_orfo_title = 'Óêàæèòå êîììåíòàðèé äëÿ àäìèíèñòðàöèè ê íàéäåííîé îøèáêå íà ñòðàíèöå'; var dle_p_send = 'Îòïðàâèòü'; var dle_p_send_ok = 'Óâåäîìëåíèå óñïåøíî îòïðàâëåíî'; var dle_save_ok = 'Èçìåíåíèÿ óñïåøíî ñîõðàíåíû. Îáíîâèòü ñòðàíèöó?'; var dle_del_news = 'Óäàëèòü ñòàòüþ'; var allow_dle_delete_news = false; //--> </script>
http://thefashion.ru/news/	200 OK Content-Length: 35662 Content-Type: text/html	suspicious
Suspicious code found <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Äà", "Íåò", "Ââîä", "Îòìåíà", "Ñîõðàíèòü", "Óäàëèòü"]; var menu_short = 'Áûñòðîå ðåäàêòèðîâàíèå'; ... 626 bytes are skipped ...àæèòå òåêñò âàøåé æàëîáû äëÿ àäìèíèñòðàöèè:'; var dle_big_text = 'Âûäåëåí ñëèøêîì áîëüøîé ó÷àñòîê òåêñòà.'; var dle_orfo_title = 'Óêàæèòå êîììåíòàðèé äëÿ àäìèíèñòðàöèè ê íàéäåííîé îøèáêå íà ñòðàíèöå'; var dle_p_send = 'Îòïðàâèòü'; var dle_p_send_ok = 'Óâåäîìëåíèå óñïåøíî îòïðàâëåíî'; var dle_save_ok = 'Èçìåíåíèÿ óñïåøíî ñîõðàíåíû. Îáíîâèòü ñòðàíèöó?'; var dle_del_news = 'Óäàëèòü ñòàòüþ'; var allow_dle_delete_news = false; //--> </script>
http://thefashion.ru/collections/	200 OK Content-Length: 34559 Content-Type: text/html	suspicious
Suspicious code found <div id="loading-layer" style="display:none">Çàãðóçêà. Ïîæàëóéñòà, ïîäîæäèòå...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Äà", "Íåò", "Ââîä", "Îòìåíà", "Ñîõðàíèòü", "Óäàëèòü"]; var menu_short = 'Áûñòðîå ðåäàêòèðîâàíèå'; ... 626 bytes are skipped ...àæèòå òåêñò âàøåé æàëîáû äëÿ àäìèíèñòðàöèè:'; var dle_big_text = 'Âûäåëåí ñëèøêîì áîëüøîé ó÷àñòîê òåêñòà.'; var dle_orfo_title = 'Óêàæèòå êîììåíòàðèé äëÿ àäìèíèñòðàöèè ê íàéäåííîé îøèáêå íà ñòðàíèöå'; var dle_p_send = 'Îòïðàâèòü'; var dle_p_send_ok = 'Óâåäîìëåíèå óñïåøíî îòïðàâëåíî'; var dle_save_ok = 'Èçìåíåíèÿ óñïåøíî ñîõðàíåíû. Îáíîâèòü ñòðàíèöó?'; var dle_del_news = 'Óäàëèòü ñòàòüþ'; var allow_dle_delete_news = false; //--> </script>

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: thefashion.ru

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 09 Jun 2014 12:39:06 GMT
Pragma: no-cache
Server: nginx/1.4.1
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aj3jdnk9slu8u1o9jrdgcf3d20; path=/; domain=.thefashion.ru; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
X-Powered-By: PHP/5.2.11

Second query (visit from search engine):
GET / HTTP/1.1
Host: thefashion.ru
Referer: http://www.google.com/search?q=thefashion.ru

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for thefashion.ru

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools