Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=archikam.ru
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://archikam.ru/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://archikam.ru/ | 200 OK Content-Length: 20969 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.utm-plus.ru ...[24594 bytes skipped]... ношества Новоуральска</a> (<a href="http://www.child-library.ru" target="_blank">старый сайт</a>); <a href="http://www.culture-ural.ru" target="_blank">Культура Новоуральска</a>, <a href="http://www.ref-history.ru" target="_blank">История Российской империи</a>, <a href="http://www.eurosfera.ru/" target="_blank">ЗАО фирма ЕВРОСФЕРА — воздуховоды, etc.</a>, <a href="http://www.utm-plus.ru" target="_blank">Компания Урал Техномаш - Плюс — оборудование для птицеводства</a>, <a href="http://www.novouralsk-history.ru" target="_blank">История города Новоуральска</a>.</td> </tr> </table> </TD> </TR> </TABLE> </BODY> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); ...[316 bytes skipped]...
http://static.dudamobile.com/DM_redirect.js | 200 OK Content-Length: 724 Content-Type: text/javascript | clean |
https://apis.google.com/js/plusone.js | 200 OK Content-Length: 11798 Content-Type: application/javascript | clean |
http://tools.spylog.ru/counter_cv.js | 200 OK Content-Length: 5066 Content-Type: application/x-javascript | clean |
http://archikam.ru/index.htm | 200 OK Content-Length: 20969 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: www.utm-plus.ru ...[24594 bytes skipped]... ношества Новоуральска</a> (<a href="http://www.child-library.ru" target="_blank">старый сайт</a>); <a href="http://www.culture-ural.ru" target="_blank">Культура Новоуральска</a>, <a href="http://www.ref-history.ru" target="_blank">История Российской империи</a>, <a href="http://www.eurosfera.ru/" target="_blank">ЗАО фирма ЕВРОСФЕРА — воздуховоды, etc.</a>, <a href="http://www.utm-plus.ru" target="_blank">Компания Урал Техномаш - Плюс — оборудование для птицеводства</a>, <a href="http://www.novouralsk-history.ru" target="_blank">История города Новоуральска</a>.</td> </tr> </table> </TD> </TR> </TABLE> </BODY> <script type="text/javascript"> var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); ...[316 bytes skipped]...
http://archikam.ru/contacts.htm | 200 OK Content-Length: 13182 Content-Type: text/html | clean |
http://archikam.ru/mapsite.htm | 200 OK Content-Length: 11892 Content-Type: text/html | clean |
http://pagead2.googlesyndication.com/pagead/show_ads.js | 200 OK Content-Length: 21491 Content-Type: text/javascript | clean |
http://archikam.ru/decostone.htm | 200 OK Content-Length: 20152 Content-Type: text/html | clean |
http://archikam.ru/scripts/decostones.js | 200 OK Content-Length: 10476 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
<!-- function ShowDecoston30 () { var src; src='30.htm'; window.open(src,'decostone-30','toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1200,height=737'); } function ShowDecoston31 () { var src; src='31.htm'; window.open(src,'decostone-31','toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=0,width=1200,height=737'); } function ShowDecoston32 () {
Antivirus reports:
http://archikam.ru/decostone-wherebuy.htm | 200 OK Content-Length: 14845 Content-Type: text/html | clean |
http://archikam.ru/decostone-gallery.htm | 200 OK Content-Length: 19229 Content-Type: text/html | clean |
http://archikam.ru/decostone-instructions.htm | 200 OK Content-Length: 17374 Content-Type: text/html | clean |
http://archikam.ru/decostone-faq.htm | 200 OK Content-Length: 60982 Content-Type: text/html | clean |
http://archikam.ru/test404page.js | 404 Not Found Content-Length: 351 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: archikam.ru
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 Jun 2014 14:40:07 GMT
Server: DataPalm/3.5
Content-Type: text/html
Second query (visit from search engine):
GET / HTTP/1.1
Host: archikam.ru
Referer: http://www.google.com/search?q=archikam.ru
Result:
The result is similar to the first query. There are no suspicious redirects found.