Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://cs-progamer.ru/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: cs-progamer.ru Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Sun, 28 Sep 2014 10:20:47 GMT Location: http://tinyurl.com/cev9eda Server: nginx/1.4.4 Content-Length: 0 Content-Type: text/html; charset=CP1251 Set-Cookie: session_id=688d843596062406e58b1008952c7b77; path=/; httponly X-Powered-By: PHP/5.3.27 | malicious |
Scanned pages/files
Request | Server response | Status |
http://cs-progamer.ru/ | 200 OK Content-Length: 40543 Content-Type: text/html | clean |
http://cs-progamer.ru/jscripts/ips_ipsclass.js | 200 OK Content-Length: 6808 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ipb_global.js | 200 OK Content-Length: 17244 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ips_menu.js | 200 OK Content-Length: 6205 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/style_images/lifeslush1283451535/folder_js_skin/ips_menu_html.js | 200 OK Content-Length: 8292 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var css_mainwrap = 'popupmenu'; var css_menusep = 'popupmenu-item'; var css_menusep_last = 'popupmenu-item-last'; var img_item = "<img src='" + ipb_var_image_url + "/menu_item.gif' border='0' alt='V' style='vertical-align:middle' />"; var img_action = "<img src='" + ipb_var_image_url + "/menu_item2.gif' border='0' alt='V' />"; function make_image( img ) { return "<img src Antivirus reports:
| ||
http://cs-progamer.ru/cache/lang_cache/ru/lang_javascript.js | 200 OK Content-Length: 2568 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ips_xmlhttprequest.js | 200 OK Content-Length: 3619 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ipb_global_xmlenhanced.js | 200 OK Content-Length: 5981 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/dom-drag.js | 200 OK Content-Length: 4105 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ipb_forum.js | 200 OK Content-Length: 11601 Content-Type: application/x-javascript | clean |
http://cs-progamer.ru/jscripts/ibs_live_stats.js | 200 OK Content-Length: 6738 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var _data = new Array(); function lbls_init() { var sd = new Date(lbls_start); var dn = new Date(); var nm = Math.floor((dn.getTime()-sd.getTime())/1000); _data['sec'] = nm%60; nm = Math.floor(nm/60); _data['min'] = nm%60; nm = Math.floor(nm/60); _data['hour'] = nm%24; nm = Math.floor(nm/24); if (nm >= 365) { _data['day'] = nm-365*Math.floor(nm/365); } else { _data['day'] = nm; } nm = Math.floo Antivirus reports:
| ||
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Login&CODE=00 | 200 OK Content-Length: 10673 Content-Type: text/html | clean |
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Reg&CODE=00 | 200 OK Content-Length: 9847 Content-Type: text/html | clean |
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7& | 200 OK Content-Length: 40543 Content-Type: text/html | clean |
http://cs-progamer.ru/index.php?s=cd6b8b321ce224693530439a581646a7&act=Members | 200 OK Content-Length: 74722 Content-Type: text/html | clean |
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=cs-progamer.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://cs-progamer.ru/
Result: cs-progamer.ru is not infected or malware details are not published yet.
Result: cs-progamer.ru is not infected or malware details are not published yet.