Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=thefashion.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://thefashion.ru/
Result: The website is marked by Yandex as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://thefashion.ru/ | 200 OK Content-Length: 70081 Content-Type: text/html | suspicious |
Suspicious code found <!-- Yandex.Direct --> <script type="text/javascript"> //<![CDATA[ yandex_partner_id = 85484; yandex_site_bg_color = 'FFFFFF'; //site background; change the color value if the site has a dark background yandex_ad_format = 'direct'; yandex_font_size = 1.1; //Font size in the block. Can be increased or decreased as desired yandex_direct_type = 'flat'; //Block type; under an article it is better to choose flat or horizontal yandex_direct_limit = 2; //К yandex_direct_text_color = '000000'; //Ad text color yandex_direct_hover_color = 'FF0000'; //Ad title color on cursor hover yandex_direct_favicon = true; //enable display of ad favicons yandex_no_sitelinks = true; //disable quick links document.write('<sc'+'ript type="text/javascript" src="http://an.yandex.ru/system/context.js"></sc'+'ript>'); //]]> </script> | ||
http://thefashion.ru/engine/classes/min/index.php?charset=windows-1251&g=general&11 | 200 OK Content-Length: 192599 Content-Type: application/x-javascript | clean |
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js | 200 OK Content-Length: 17380 Content-Type: text/javascript | clean |
http://thefashion.ru/engine/editor/scripts/webfont.js | 200 OK Content-Length: 3019 Content-Type: application/x-javascript | clean |
http://thefashion.ru/templates/Gossip/js/carousel.js | 200 OK Content-Length: 881 Content-Type: application/javascript | clean |
http://thefashion.ru/rss.xml | 200 OK Content-Length: 11299 Content-Type: application/xml | clean |
http://thefashion.ru/uploads/posts/2014-06/1402312692_632582.jpg | 200 OK Content-Length: 59720 Content-Type: image/jpeg | clean |
http://thefashion.ru/test404page.js | 404 Not Found Content-Length: 282 Content-Type: text/html | clean |
http://thefashion.ru/uploads/posts/2014-06/1402296858_63.jpg | 200 OK Content-Length: 147219 Content-Type: image/jpeg | clean |
http://thefashion.ru/uploads/posts/2014-06/1402176586_63.jpg | 200 OK Content-Length: 18988 Content-Type: image/jpeg | clean |
http://thefashion.ru/uploads/posts/2014-06/1402054399_51.jpg | 200 OK Content-Length: 35928 Content-Type: image/jpeg | clean |
http://thefashion.ru/index.php?do=lostpassword | 200 OK Content-Length: 25848 Content-Type: text/html | suspicious |
Suspicious code found <div id="loading-layer" style="display:none">Загрузка. Пожалуйста, подождите...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Да", "Нет", "Ввод", "Отмена", "Сохранить", "Удалить"]; var menu_short = 'Быстрое редактирование'; var dle_big_text = 'Выделен слишком большой участок текста.'; var dle_orfo_title = 'Укажите комментарий для администрации к найденной ошибке на странице'; var dle_p_send = 'Отправить'; var dle_p_send_ok = 'Уведомление успешно отправлено'; var dle_save_ok = 'Изменения успешно сохранены. Обновить страницу?'; var dle_del_news = 'Удалить статью'; var allow_dle_delete_news = false; //--> </script> | ||
http://thefashion.ru/index.php?do=register | 200 OK Content-Length: 27005 Content-Type: text/html | suspicious |
Suspicious code found <div id="loading-layer" style="display:none">Загрузка. Пожалуйста, подождите...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Да", "Нет", "Ввод", "Отмена", "Сохранить", "Удалить"]; var menu_short = 'Быстрое редактирование'; var dle_big_text = 'Выделен слишком большой участок текста.'; var dle_orfo_title = 'Укажите комментарий для администрации к найденной ошибке на странице'; var dle_p_send = 'Отправить'; var dle_p_send_ok = 'Уведомление успешно отправлено'; var dle_save_ok = 'Изменения успешно сохранены. Обновить страницу?'; var dle_del_news = 'Удалить статью'; var allow_dle_delete_news = false; //--> </script> | ||
http://thefashion.ru/news/ | 200 OK Content-Length: 35662 Content-Type: text/html | suspicious |
Suspicious code found <div id="loading-layer" style="display:none">Загрузка. Пожалуйста, подождите...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Да", "Нет", "Ввод", "Отмена", "Сохранить", "Удалить"]; var menu_short = 'Быстрое редактирование'; var dle_big_text = 'Выделен слишком большой участок текста.'; var dle_orfo_title = 'Укажите комментарий для администрации к найденной ошибке на странице'; var dle_p_send = 'Отправить'; var dle_p_send_ok = 'Уведомление успешно отправлено'; var dle_save_ok = 'Изменения успешно сохранены. Обновить страницу?'; var dle_del_news = 'Удалить статью'; var allow_dle_delete_news = false; //--> </script> | ||
http://thefashion.ru/collections/ | 200 OK Content-Length: 34559 Content-Type: text/html | suspicious |
Suspicious code found <div id="loading-layer" style="display:none">Загрузка. Пожалуйста, подождите...</div> <script type="text/javascript"> <!-- var dle_root = '/'; var dle_admin = ''; var dle_login_hash = ''; var dle_group = 5; var dle_skin = 'Gossip'; var dle_wysiwyg = '0'; var quick_wysiwyg = '1'; var dle_act_lang = ["Да", "Нет", "Ввод", "Отмена", "Сохранить", "Удалить"]; var menu_short = 'Быстрое редактирование'; var dle_big_text = 'Выделен слишком большой участок текста.'; var dle_orfo_title = 'Укажите комментарий для администрации к найденной ошибке на странице'; var dle_p_send = 'Отправить'; var dle_p_send_ok = 'Уведомление успешно отправлено'; var dle_save_ok = 'Изменения успешно сохранены. Обновить страницу?'; var dle_del_news = 'Удалить статью'; var allow_dle_delete_news = false; //--> </script> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: thefashion.ru
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 09 Jun 2014 12:39:06 GMT
Pragma: no-cache
Server: nginx/1.4.1
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=aj3jdnk9slu8u1o9jrdgcf3d20; path=/; domain=.thefashion.ru; HttpOnly
Set-Cookie: dle_user_id=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
Set-Cookie: dle_password=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
Set-Cookie: dle_hash=deleted; expires=Sun, 09-Jun-2013 12:39:05 GMT; path=/; domain=.thefashion.ru; httponly
X-Powered-By: PHP/5.2.11
Second query (visit from search engine):
GET / HTTP/1.1
Host: thefashion.ru
Referer: http://www.google.com/search?q=thefashion.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.